Forum Discussion
F5 XC WAF requirement is to allow traffic from specific source site on downstream and upstream side.
We want to allow traffic from CHE and MUM site only at downstream connectivity and also at upstream connection should be from same sites only. As over firewall we allowed traffic from F5 ASIA regions IP only.
Downstream: As we have specific VIP IP, if we made same changes in VIP Advertisement does it pass only through MUM and CHE, as VIP belongs to ASIA region only.
Upstream: We allowed traffic through Specific Virtual Site from INDIA only in Origin Server so it will help us to pass traffic through this site towards server.
- sstockertEmployee
A few sources to achieve Regional Edge ingress and egress pinning.
F5 Distributed Cloud - Regional Decryption with Virtual Sites
F5 Distributed Cloud - Regional Edge Health Monitoring Insights
Better use the same Virtual Site for the dedicated IP on HTTP LB and also on the Origin Server in the Origin Pool from my experience that is limited only to Asia but keep mind I think that there are more than 2 RE that are part of the Asia region. Better use ves io country to limit it only to India when making the Virtual Site.
F5 Distributed Cloud - Regional Edges – F5 Distributed Cloud Services (zendesk.com)
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com