Forum Discussion

buzzkin's avatar
Icon for Altostratus rankAltostratus
Jun 29, 2023

Different policies same destination and pool

Hello, I started recently administrated a f5 big-ip waf. The previous administrator created a single virtual server for multiple websites (there are multiple SSL certificates on this virtual server...
  • Mohamed_Salah_'s avatar
    Jun 29, 2023


    Since the current setup now is using one virtual server IP for all services, and multiple ceritficates, you can create a LTM policy and start checking for the host header and based on this, apply the appropriate ASM polict based on this service.

    For example:


    if host header = when http request, Action: apply ASM policy 1.


    if host header = when http request, Action: apply ASM policy 2.

    and so on, until you apply different ASM policies on all services. and then add a default rule at the end of the LTM policy, for exmaple (forward to pool x or disable ASM)

    A fter finishing the policy, you must publish it and then assign the policy to the virtual server. everytime you caan to add/modify rule, you will need first to clone it and then modify the rules, and publish the policy again.

    here is an example: