Forum Discussion

Eric_27859's avatar
Eric_27859
Icon for Nimbostratus rankNimbostratus
Mar 06, 2015

IP Intelligence ASM Whitelisting and Route Domains

Hello, we are using ASM with IP Intelligence, and need to whitelist some IPs.

 

We have entered the IP addresses to the whitelist, but they keep being blocked by the ASM Violations related to IP Intelligence. In the ASM Logs they appear with the Route Domain ID, that creates some confusion.

 

Have some of you used IP Intelligence in a F5 with Route Domains? Could it be that those IPs are not being blocked because we haven't specified the associated route domain in the whitelist entry?

 

If the same F5 has several route domains, and with several applications protected by ASM, should we enter the combination of [whitelisted ip]%[routedomain] for each IP for each route domain involved?

 

Thank you in advance!

 

  • Hi Eric! We have tested it in our Lab, and you are right: You need to configure each whitelisted IP address as [whitelisted ip]%[routedomain].

     

  • For each IP address that has been whitelisted, go to IP Address Exception Properties, and make sure that the checkbox to "Ignore IP Address Intelligence" is selected. That should eliminate the IP Address Intelligence violation associated with the whitelisted IP.