Block traffic to VIP/LTM/GTM on the basis of origin

Question

Is it possible to block traffic on the basis of origin like traffic from certain countries, i am interested to block/redirect traffic originating from certain countries.. 
&nbsp;  
&nbsp; I believe this is possible with 10.0 ver, i would really appreciate if anyone can help me on this..  
&nbsp;

james_quinby_46 · Answer

You can define topologies based on country of origin, though this is only going to be as good as the GeoIP database, and could be circumvented by the use of a proxy. 
&nbsp;  
&nbsp; There is information on topologies in the admin guide. Click here

hoolio · Answer

And wouldn't someone still be able to access the VIP by IP address (or another non-DNS method for resolving the FQDN to the virtual server IP address)?   
&nbsp;  
&nbsp; I could be wrong, but I don't think there is a simple solution for doing this effectively on LTM as LTM doesn't have the ability to reference the GTM GeoIP database from an iRule.  That might make a good feature request. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Block traffic to VIP/LTM/GTM on the basis of origin

Recent Discussions

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

Related Content

F5 Distributed Cloud Origin Server Subset Rules

F5 Distributed Cloud - Mitigation for Cross Tenant Origin Exposure (CTOE)

Decrypting TLS traffic on BIG-IP

Understanding Performance Metrics and Network Traffic

fellow traffic

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS