Bypass APM on specific subnets

Question

I'm trying to write an Irule that bypasses the APM for specific subnets.  Irule works great at bypassing anything on the 10.0.0.0/8 subnet but the problem is I don't want it to bypass the APM for this specific subnet which is used by our mobility devices.  In fact this subnet needs to land on the Login page as it's an SSID that has Internet out only.  What happens is we don't even reach the APM login page but instead we reach the windows Auth page which we don't want.  How would be write an Irule that would do this.  the subnet in fact is 10.3.200.0/21 
when HTTP_REQUEST {
if { ([IP::client_addr] == "10.3.220.0")  } 
    { ACCESS::enable } 
  elseif { [IP::addr [IP::client_addr]/8 equals 10.0.0.0] or [IP::addr [IP::client_addr]/16 equals 192.168.0.0] or [IP::addr [IP::client_addr]/12 equals 172.16.0.0] } {
        ACCESS::disable
    }
}&nbsp;

niels_van_sluis · Answer

Try this:
when HTTP_REQUEST { 
    if { [IP::addr [IP::client_addr] equals 10.3.220.0/21] } {
        ACCESS::enable 
    } 
    elseif { [IP::addr [IP::client_addr] equals 10.0.0.0/8] or [IP::addr [IP::client_addr] equals 192.168.0.0/16] or [IP::addr [IP::client_addr] equals 172.16.0.0/12] } {
        ACCESS::disable
    }
}

Forum Discussion

Bypass APM on specific subnets

Recent Discussions

Big IP DNS Failover

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

Related Content

Using Client Subnet in DNS Requests

Bypass certificate check

MSM Bypass

Installing and Locking a Specific Version of F5 NGINX Plus

Implementing Client Subnet DNS Requests

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS