Forum Discussion

Cirrus

Aug 25, 2016

APM set network access resource variable from iRule

I am trying to set network access resources variables relating to split tunneling via an iRule. Is this possible and if so can you explain how to achieve? I have set network access resource variab...

BIG-IP Access Policy Manager (APM)

irules

security

stan_piron

Cumulonimbus

Aug 26, 2016

Hi,

you need to define 2 variables:

[stanislas@F5adm:Active:Standalone] ~  sessiondump --allkeys | grep -i split
14780e3f.config.connectivity_resource_network_access./Common/myna.client.SplitTunneling 36 2
14780e3f.config.connectivity_resource_network_access./Common/myna.split_tunneling 36 0

The following irule write variables as expected:

when ACCESS_POLICY_COMPLETED {
    if { [ACCESS::policy result] equals "allow" } {
        foreach naprofile [ACCESS::session data get session.assigned.resources.na] {
            ACCESS::session data set "config.connectivity_resource_network_access.$naprofile.split_tunneling" "0"
            ACCESS::session data set "config.connectivity_resource_network_access.$naprofile.client.SplitTunneling" "2"
        }
    }
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM set network access resource variable from iRule

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

GRE Tunnel Issue

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Related Content

DevCentral Resources

Embedding APM Protected Resources into Third-Party Sites

APM variable assign examples

Overview of MITRE ATT&CK Tactic: TA0042 – Resource Development

Visibility for Modern Telco and Cloud‑Native Networks

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS