For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Lucas_Thompson_'s avatar
Lucas_Thompson_
Historic F5 Account
Nov 19, 2015

Your session must get to "Allow" or "Redirect + Allow" state in order to pass APM and be allowed to the pool. Watch the logs (/var/log/apm) carefully while you're testing your Access Policy logic.

 

As you've found, you can't present a link during access policy evaluation to get back into the access policy again, because APM assumes that your session (with the cookie you have) is currently processing and not yet complete. Don't do a link. Instead, just allow the user to get all the way to the end for the "resetpw" case, assign a restrictive ACL that only allows the "resetpw" functionality, and use an allow+redirect ending.

 

Of course you can get around anything using irules, but for a simple situation like this it would be better to use just access policy items to do it.