Forum Discussion

Nimbostratus

Nov 14, 2016

BIG-IP LTM/ASM Order of Operations

In what order does a packet get processed when considering BOTH LTM/ASM? Will an iRule be evaluated before an ASM security policy?

Cirrus

Aug 02, 2019

This question came up recently in regards to HTTP to HTTPS redirect iRule. We know they can be abused for example using the host field inject which redirects the user to another site, so our ASM engineer and I were curious to know which comes first in this case. On the surface I'd say that the packet would never make it to ASM. I will do some testing.

/jeff

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

BIG-IP LTM/ASM Order of Operations

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

A look on APT operations and using F5 BIG-IP features for mitigation

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

The BIG-IP AFM Operations Guide

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS