Forum Discussion
Different Applications Sharing IP address and Port in a same server
Hello, I have the following scenario, I have two applications running into a server where they share IP address and port, they are differentiated by the URL only, for example Application 1 URL is : and Application 2 URL is: . The first question is how do I handle this in order to send the traffic of both applications correctly? I know there is a way with traffic policies but is not clear for me, since there will be only one virtual server created for both applications. The second question is how I can apply different security policies since there is ASM module also needed to be installed?
Hello,
For the good news, there's nothing complex here, just look into Local Traffic Policy feature. Both requirements can be fulfilled. Since your web-server already can distinguish between two different apps due to its own Web Server listener configuration, your BigIP configuration can be done with a single LTM pool.
Test in your lab or staging environment the following:
1 Virtual Server/1 Local Traffic Policy/1 LTM Pool/2 ASM policies
Local Traffic Policy Logic:
- Default Rule and Action - Select
ASMpolicy1
- Conditional Rule and Action - If HTTP path starts with
, select/app2
ASMpolicy2
LTM Pool:
- LTM Pool is just mapped as Default Pool in Virtual Server configuration
Regards,
- Default Rule and Action - Select
- Hannes_Rapp_162Nacreous
Hello,
For the good news, there's nothing complex here, just look into Local Traffic Policy feature. Both requirements can be fulfilled. Since your web-server already can distinguish between two different apps due to its own Web Server listener configuration, your BigIP configuration can be done with a single LTM pool.
Test in your lab or staging environment the following:
1 Virtual Server/1 Local Traffic Policy/1 LTM Pool/2 ASM policies
Local Traffic Policy Logic:
- Default Rule and Action - Select
ASMpolicy1
- Conditional Rule and Action - If HTTP path starts with
, select/app2
ASMpolicy2
LTM Pool:
- LTM Pool is just mapped as Default Pool in Virtual Server configuration
Regards,
- Juan_Fernando_BNimbostratus
Thanks a lot for your answer, just to confirm, as the Default Action you mean it is the Security Policy that is configured in the regular way in the Virtual Server Policies?
- Hannes_Rapp_162Nacreous
. Here you map that Local Traffic Policy which selects ASM policy based on best-match criteria. And you only need one Local Traffic Policy not two.Virtual Server - Resources - Policies
If you have mapped your Virtual Server to ASM policies in other ways, those should be removed. This includes the default Local Traffic Policy that is created when you first create your ASM policy as per standard procedure.
- Default Rule and Action - Select
- Hannes_RappNimbostratus
Hello,
For the good news, there's nothing complex here, just look into Local Traffic Policy feature. Both requirements can be fulfilled. Since your web-server already can distinguish between two different apps due to its own Web Server listener configuration, your BigIP configuration can be done with a single LTM pool.
Test in your lab or staging environment the following:
1 Virtual Server/1 Local Traffic Policy/1 LTM Pool/2 ASM policies
Local Traffic Policy Logic:
- Default Rule and Action - Select
ASMpolicy1
- Conditional Rule and Action - If HTTP path starts with
, select/app2
ASMpolicy2
LTM Pool:
- LTM Pool is just mapped as Default Pool in Virtual Server configuration
Regards,
- Juan_Fernando_BNimbostratus
Thanks a lot for your answer, just to confirm, as the Default Action you mean it is the Security Policy that is configured in the regular way in the Virtual Server Policies?
- Hannes_RappNimbostratus
. Here you map that Local Traffic Policy which selects ASM policy based on best-match criteria. And you only need one Local Traffic Policy not two.Virtual Server - Resources - Policies
If you have mapped your Virtual Server to ASM policies in other ways, those should be removed. This includes the default Local Traffic Policy that is created when you first create your ASM policy as per standard procedure.
- Default Rule and Action - Select
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com