Forum Discussion

Nimbostratus

Sep 24, 2014

Country based ASM security policy

[ASM 11.5.1.HF4] Hello, I'm trying to setup ASM security policy based on client country geoip. So my thoughts was to use the following iRule: when HTTP_REQUEST { HTTP::header remove ...

Nimbostratus

Sep 24, 2014

Ok, I've got it, iRules are applied after your LTM policies.

So you don't match the rule n°3 and your traffic goes to rule 4, isn't it ?

I'm searching for a solution on how to do it from your policy but I'm not sure it's possible with the 11.5.x version.

In the 11.6.0 version, you can do it directly from your policy (geolocation condition without inserting information into the header).

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Country based ASM security policy

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

Cisco TACACS+ Config on ISE LTM Pair

Related Content

Quarterly Security Notification October 2025

Minimizing Security Complexity: Managing Distributed WAF Policies

Auditing Security Policy Updates

iRule to modify a content-security-policy header

Adaptive Apps: Replicate & deploy WAF application security policies across F5's security portfolio

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS