Forum Discussion

Nimbostratus

Nov 29, 2006

Cookies and ASM

Hello, I am trying to send a cookie directly to a pool w/o ASM inspection. The cookie name changes which prohibits me from simply adding it to allowed cookies. The name is "ASPSESSIONID*****...

Cirrostratus

Nov 30, 2006

Hello,

It looks like you have a case open with support on this. I'd suggest working with them and then posting the results here once you guys figure it out.

The current behavior you're seeing is expected: if you are using an HTTP class to filter requests which contain the cookie and App Security is disabled on the class, every request with that cookie will be sent directly to the pool.

The ability to define a modified domain cookie using a regular expression has been requested in CR47126. I've attached your case to the request to have this feature built in a future version.

There are a few options for how to work around this in 9.2.3. I think it would be good to work with support to determine the best approach.

Thanks,

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Cookies and ASM

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

SSL Forward Proxy, iRules and Client Hello

monitor/healthcheck issue with envoy gateway

Recommendation for Adv. Lab

How to Verify config before loading to F5

Related Content

Cookie-based DDoS protection

2. SYN Cookie: Operation

Encrypting Cookies

Changing samesite attribute on ASM TS Cookie

1. SYN Cookie: Intro

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS