F5 APM: Traffic between two ssl vpn clients

Question

Hello,&nbsp;
is there a way to drop traffic between two ssl vpn users?
right now when 2 or more users are connected, there is nothing to prevent them from sharing files or communicating with each other...&nbsp;
we would like to create sort of "private vlan" or isolation between clients...&nbsp;
thanks&nbsp;

lucas_thompson_ · Answer

There is no built-in functionality for this. For your case however, if you only want to drop traffic, define a Virtual Server with the appropriate (the leasepool subnet IPs) Source and Destination addresses with a dummy "blackhole" pool, or use an irule on this virtual to drop the traffic.&nbsp;
Currently there is an enhancement request to allow built-in functionality of APM ACLs with VPN &lt;-&gt; VPN connections, the ID number is 366149. It would be helpful to express your desire for this functionality by opening a ticket with Support and mentioning this ID number.&nbsp;
There is also a related ACL enhancement request ID 532604 to allow ACLs to operate in LAN -&gt; VPN connections.&nbsp;

brad_parker · Answer

Here is the SOL for this.  https://support.f5.com/kb/en-us/solutions/public/13000/500/sol13515.html?sr=36851029&nbsp;

Forum Discussion

F5 APM: Traffic between two ssl vpn clients

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

fellow traffic

Enhance your Application Security using Client-side signals

Block traffic

Traffic Intelligence in AFM through Categories

Use topology labels to reduce cross-AZ ingress traffic with F5 CIS and EKS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS