Forum Discussion
Juan_Fernando_B
Nimbostratus
NimbostratusDifferent Applications Sharing IP address and Port in a same server
Hello, I have the following scenario, I have two applications running into a server where they share IP address and port, they are differentiated by the URL only, for example Application 1 URL is : and Application 2 URL is: . The first question is how do I handle this in order to send the traffic of both applications correctly? I know there is a way with traffic policies but is not clear for me, since there will be only one virtual server created for both applications. The second question is how I can apply different security policies since there is ASM module also needed to be installed?
Hello,
For the good news, there's nothing complex here, just look into Local Traffic Policy feature. Both requirements can be fulfilled. Since your web-server already can distinguish between two different apps due to its own Web Server listener configuration, your BigIP configuration can be done with a single LTM pool.
Test in your lab or staging environment the following:
1 Virtual Server/1 Local Traffic Policy/1 LTM Pool/2 ASM policies
Local Traffic Policy Logic:
- Default Rule and Action - Select
ASMpolicy1 - Conditional Rule and Action - If HTTP path starts with
, select/app2ASMpolicy2
LTM Pool:
- LTM Pool is just mapped as Default Pool in Virtual Server configuration
Regards,
- Default Rule and Action - Select
Hannes_Rapp_162Nacreous
Hello,
For the good news, there's nothing complex here, just look into Local Traffic Policy feature. Both requirements can be fulfilled. Since your web-server already can distinguish between two different apps due to its own Web Server listener configuration, your BigIP configuration can be done with a single LTM pool.
Test in your lab or staging environment the following:
1 Virtual Server/1 Local Traffic Policy/1 LTM Pool/2 ASM policies
Local Traffic Policy Logic:
- Default Rule and Action - Select
ASMpolicy1 - Conditional Rule and Action - If HTTP path starts with
, select/app2ASMpolicy2
LTM Pool:
- LTM Pool is just mapped as Default Pool in Virtual Server configuration
Regards,
- Hannes_Rapp_162
. Here you map that Local Traffic Policy which selects ASM policy based on best-match criteria. And you only need one Local Traffic Policy not two.Virtual Server - Resources - PoliciesIf you have mapped your Virtual Server to ASM policies in other ways, those should be removed. This includes the default Local Traffic Policy that is created when you first create your ASM policy as per standard procedure.
Juan_Fernando_BThanks a lot for your answer, just to confirm, as the Default Action you mean it is the Security Policy that is configured in the regular way in the Virtual Server Policies?
- Default Rule and Action - Select
Hannes_RappHello,
For the good news, there's nothing complex here, just look into Local Traffic Policy feature. Both requirements can be fulfilled. Since your web-server already can distinguish between two different apps due to its own Web Server listener configuration, your BigIP configuration can be done with a single LTM pool.
Test in your lab or staging environment the following:
1 Virtual Server/1 Local Traffic Policy/1 LTM Pool/2 ASM policies
Local Traffic Policy Logic:
- Default Rule and Action - Select
ASMpolicy1 - Conditional Rule and Action - If HTTP path starts with
, select/app2ASMpolicy2
LTM Pool:
- LTM Pool is just mapped as Default Pool in Virtual Server configuration
Regards,
- Hannes_Rapp
. Here you map that Local Traffic Policy which selects ASM policy based on best-match criteria. And you only need one Local Traffic Policy not two.Virtual Server - Resources - PoliciesIf you have mapped your Virtual Server to ASM policies in other ways, those should be removed. This includes the default Local Traffic Policy that is created when you first create your ASM policy as per standard procedure.
- Juan_Fernando_B
Thanks a lot for your answer, just to confirm, as the Default Action you mean it is the Security Policy that is configured in the regular way in the Virtual Server Policies?
- Default Rule and Action - Select