For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Cory_50405's avatar
Cory_50405
Icon for Noctilucent rankNoctilucent
Apr 30, 2014

To use the first option, you'll have to create a local traffic policy (Local Traffic -> Policies -> Policies List, then click 'Create' at the top right).

 

You'll need to create two rules within the policy. The first rule will be your default rule. No match condition, but your action should be asm request enable and specify the ASM policy you want to use (/Common/MY_ASM__POLICY_NAME). The second rule will be for your application that you want to disable ASM on. Your match condition will be http-uri request path contains "uri-of-application", and your action will be asm request disable.

 

After these two rules have been created, move your default rule (enabling ASM) to the top of the list.

 

  • Hamada_Tabosha_'s avatar
    Hamada_Tabosha_
    Icon for Nimbostratus rankNimbostratus
    May 01, 2014
    Thank you Cory, but I think the second rule (disable ASM) should be in the top, and the strategy in the policy should be first match ....do you agree ? And whats about if I have the same case but I need to enable ASM for both, and each one in a different virtual server ? Are you agree that I can put them in one virtual server, apply two policy by the rules option in the same way?