Forum Discussion
Seçkin
Cirrus
CirrusGlobal Blacklist or Whitelist
Does anyone know f5 has blacklist or whitelist globally not per security policy?
Thanks
Hello,
I think you can go and check network network packet filter options and rules. from Networks > packet filter
"Global properties: You can configure three specific global properties for packet filtering."
Hello,
I think you can go and check network network packet filter options and rules. from Networks > packet filter
"Global properties: You can configure three specific global properties for packet filtering."
- Seçkin
Thanks Mohamed, i think this is the only solution for this question. Thanks again..
- Nikoolayy1
MVP
Better to attach irule or local traffic policy that just stops the ASM blocking for the source IP you want. You can see discussion :
- Seçkin
Thanks Niko but this solution is not effective for my solution because of you need to attach this irule or local traffic policy to your all virtual servers manually. If you think you have 200 virtual servers, that would be really hard for you.
- Nikoolayy1
You may call me Nik 😉 as a shortcut. I was going to also suggest to make a parent policy to attach the whitelist under it or to script the 200 VIP iRule attachment as no one will do this manually but Mohamed's solution seems nice as I did not know packet filters will unblock ASM/aWAF policy or DDOS blocking as this never crossed my mind as I thought that packet filters are just stateless layer 3/4 access lists that do not affect something like layer 7 Security but if that is the case it seems easy to do it and I may try it as well for some clients 😀
