Create a temporary rule (AFM) based on the request

Question

Hi,&nbsp;
I am mimicking the behavior of the FTP auth of checkpoint. I have created the FTP server and now the client has authenticate using the iRule. Now, I would like to create a temporary AFM rule to allow that IP to some other services. Is that possible? Is there any command to do such thing?&nbsp;
Regards,
Arturo.&nbsp;

jrahm · Answer

define temporary? Do you mean dynamically, in that you can create a rule on the fly based on certain conditions, that can also be removed on the fly?

arturo · Answer

Yes! For example, in other firewalls you can authenticate through telnet against a TACACS (I have already done it) and that IP (not the authenticated user) will be allowed to access to any or to a selected port... 456 for example. In checkpoint is named client authentication.&nbsp;
If that does not work, I will use the main table to add that IP and allow every IP to the port 456 and reject users based on that table but... :( &nbsp;
Do you understand me?&nbsp;
Thanks,
Ar.&nbsp;

Forum Discussion

Create a temporary rule (AFM) based on the request

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Creating a Credential in F5 Distributed Cloud to use with AWS

Creating a Credential in F5 Distributed Cloud for GCP

Create isolated environment for internal and external networks

Revocation Status in HTTP Request Header

C3D first request problem

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS