Forum Discussion
buzzkin
Altostratus
AltostratusDifferent policies same destination and pool
Hello, I started recently administrated a f5 big-ip waf. The previous administrator created a single virtual server for multiple websites (there are multiple SSL certificates on this virtual server...
Hello,
Since the current setup now is using one virtual server IP for all services, and multiple ceritficates, you can create a LTM policy and start checking for the host header and based on this, apply the appropriate ASM polict based on this service.
For example:
Rule1:
if host header = www.abc.com when http request, Action: apply ASM policy 1.
Rule2:
if host header = www.aaa.com when http request, Action: apply ASM policy 2.
and so on, until you apply different ASM policies on all services. and then add a default rule at the end of the LTM policy, for exmaple (forward to pool x or disable ASM)
A fter finishing the policy, you must publish it and then assign the policy to the virtual server. everytime you caan to add/modify rule, you will need first to clone it and then modify the rules, and publish the policy again.
here is an example:
Thanks,
Mayur_Sutare
MVP
MVPHi buzzkin
I am still trying to understand your ask. If I have correctly understand it, then below should work for you.
If you want to have dedicated virtual server for each website then you can map desired SSL profile and a WAF policy to each vServer.
Also same pool can be mapped to multiple virtual servers.
Only big thing will change here is – your virtual server IP address for each website/app. Earlier it was common to each website/app.