Forum Discussion

Cirrus

Jun 28, 2013

Enable APM on Specific URI only and Force OTP

Hi All, I am trying to selctively enable APM policy processing on a SharePoint subsite. Basically what I want to do is authentication and OTP enforcement on a subsite of SharePoint. I created th...

BIG-IP Access Policy Manager (APM)

remote access

security

Michael_Koyfma1

Cirrus

Jun 28, 2013

Martjin,

There is a much better and cleaner way to do this, as playing with ACCESS::enable and ACCESS:disable on the same flow is not ideal.

I suggest the following. Leave your setup as is in terms of LTM flow. Remove ACCESS profile from it. Create new internal only(like 192.168.10.10) virtual server that would look identical to your existing one and put ACCESS profile on it. Also add OneCOnnect profile with 255.255.255.255 mask to your main existing virtual where you will remove ACCESS profile from.

Then modify your irule, and instead of ACCESS::enable command have this one: virtual virtual_name. Substitute the name of your internal virtual server where italicized, of course.

This way, any traffic that needs ot be protected will be sent to the patht that is always protected.

Give it a shot and let us know how it works out. Good luck

Martijn_65080

Cirrus

Aug 19, 2013

Hi Michael, I tried but the use of virtual virtualname is not allowed under when HTTP_REQUEST. I finally solved it a little bit differennt and dirty. See details here; https://devcentral.f5.com/questions/enable-apm-on-sharepoint-subsite-onlyanswer77972

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)