Forum Discussion

eroach5's avatar
eroach5
Icon for Nimbostratus rankNimbostratus
Mar 08, 2018

APM rule or access profile to block traffic from Apple devices via HTTP Header filters.

Hello, Moving from Microsoft TMG to F5 APM. F5 software version 11.6.1. Been crawling the F5 support site and web to find a way to block MAC's (OS X) from using Exchange free / busy app.   On the ...
application delivery
BIG-IP Access Policy Manager (APM)
LTM
security
eroach5's avatar
eroach5
Icon for Nimbostratus rankNimbostratus
Jul 19, 2018

The quest to block Mac clients using the F5 APM access policy or an iRule continue. The access policy (attached or embedded image) did not work as expected.

 

In addition, one of my colleagues tried to accomplish the same goal by using an iRule.

 

when HTTP_REQUEST { switch -glob [string tolower [HTTP::header value User-Agent]] { "AppleExchangeWebServices" - "macoutlook" - "mac os x" - "mac+os+x" { reject } default { return } } }

 

This too, did not work completely. See log from Exchange 2013 server:

 

POST /EWS/Exchange.asmx - 444 xxxxx\xxxxx 1.1.1.1 AppleExchangeWebServices/287.4.1+Mail/3445.8.2

 

If anyone has any suggestions they would be greatly appreciated. If additional information is required please let me know.