Forum Discussion
ASM Local Traffic Policy to redirect on specific URL
This is getting more complicated the more I research it. Here goes... When a request contains a specific URL, I'd like to modify my local traffic policy to redirect traffic to an ASM policy that is different (modified) than the one applied to the VIP in question. And have all other traffic route normally to the applied ASM policy.
Is this possible? It wasn't obvious at first but wouldn't the modified ASM policy (for the URL) need its own virtual server?
Thanks in advance,
Toneman
issue is probably with the client connect, which is when TCP starts and this is later. i dont know by hard what the other options are, but can you try something more http related?
you say redirect to an ASM policy, do you mean you want to apply different ASM policies for the same VIP based on URL?
that is possible. just start with a rule to hit on a certain URL and apply ASM policy X and a second rule with the default ASM policy.
or do you want to do an actual redirect to another virtual server?
- tonemanAltostratus
Correct, one VIP with two ASM policies, with a specific URL going to the second policy. I don't want to use another virtual server.
I just saw article K35432913 "How to select a different ASM policy based on the URI Path in a request" that seems to address this although I'm getting an error when trying to save the suggested config in the article. This error happens when I try to enable ASM for the secondary "redirect" policy. If I choose "log" I'm able to save the policy...
The error says I'm defining an action which occurs before one of its conditions, or before a condition in an earlier rule with a lower ID.
I'm configuring this on a lab VE using v16can you share a screenshot of your local traffic policy? you might try to a redirect, which isn't needed, just enable ASM.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com