Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

DavD's avatar
DavD
Icon for Nimbostratus rankNimbostratus
Mar 10, 2026

F5 Config - API Access on servers

Hello,, Pl. be gentle as I am new to this and am asking this on behalf of someone as their networking resource is ooo on some emergency. There are two separate, identical server instances hosting ...
application delivery
devops
management
Jeff_Granieri's avatar
Jeff_Granieri
Icon for Employee rankEmployee
Apr 24, 2026

Hi DavD​ ,

 

There are a few ways to go about this,  you can use an iRule or LTM Policies - both can achieve the same outcome.  I recommend you check these out: LTM Policy - Getting Started  & LTM Policy Basics   Also consider applying a health check to your backend pool members and whether you need Server side encryption (Server SSL profile)  

You can use these tmsh commands as reference for to create and apply a LTM policy, they need to be modified to reflect the actual names

# =====================================================
# 1. Update Virtual Server with required profiles, one connect may be applied if needed
# =====================================================
tmsh modify ltm virtual vs-app-api profiles replace-all-with {
    http
    clientssl-app.mydomain.com
    serverssl
  }

# =====================================================
# 2. Create LTM Policy with URI rewrite rule
# =====================================================
tmsh create ltm policy policy-rewrite-checkinventory \
    strategy first-match \
    rules {
        rewrite-checkinventory {
            conditions {
                0 {
                    http-uri path starts-with /CheckInventory
                }
            }
            actions {
                0 {
                    rewrite uri value /ne/curr/CheckInventory
                }
                # Optional: rewrite Host header
                # 1 { replace http-header Host value prod.mydomain.com }
            }
        }
    }

# =====================================================
# 3. Attach the policy to the Virtual Server
# =====================================================
tmsh modify ltm virtual vs-app-api policies add { policy-rewrite-checkinventory }

# =====================================================
# 4. (Recommended) Add HTTPS health monitor to pool
# =====================================================
tmsh modify ltm pool pool-prod-api monitor https

# =====================================================
# 5. Save the configuration
# =====================================================
tmsh save sys config