Forum Discussion

markonans_11916

Nimbostratus

May 14, 2015

Forwarding VS - with selective irule for SRC to DST only allowed to access (using data groups) - syntax fail

Hello this syntax looks logical to me, but is rejected. Can someone please help to tell me what i am doing wrong? when CLIENT_ACCEPTED { if {([class match [IP::client_addr] equals L2L_S...

Employee

May 14, 2015

it seems okay here. you have created data groups, haven't you?

root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
    when CLIENT_ACCEPTED {
  if { ([class match [IP::client_addr] equals L2L_SITEA_SUBNETS] && [class match [IP::local_addr] equals L2L_SITEB_SUBNETS]) } {
    forward
    return
  } elseif { ([class match [IP::client_addr] equals L2L_SITEB_SUBNETS] && [class match [IP::local_addr] equals L2L_SITEA_SUBNETS]) } {
    forward
    return
  } else {
    drop
  }
}
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)