For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

gdoyle's avatar
gdoyle
Icon for Cirrostratus rankCirrostratus
May 19, 2016

Custom Response Upon Denial with iRule.

We created an irule which denies a user access if they are not using TLS 1.1 or greater (so TLS1.0 or no TLS). We would like a custom message, and although it is in the iRule, that is not the message...
BIG-IP
irule
security
gdoyle's avatar
gdoyle
Icon for Cirrostratus rankCirrostratus
May 23, 2016

The only conclusion that seems to make sense to my team is what seems to be the consensus here: The connection is being denied prior to the iRule being offered, so the browsers are returning whatever their default message is for being denied by TLS.

 

With that said, would it be possible to use something like an iFile that returns the specific message if the user is not using a better encryption than TLS1.0?

 

The main goal is to deny TLS1.0, but we also need to give the customer a message with the proper reasoning or our Help Desk will be flooded with calls.