Forum Discussion
IP Intelligence ASM Whitelisting and Route Domains
Hello, we are using ASM with IP Intelligence, and need to whitelist some IPs.
We have entered the IP addresses to the whitelist, but they keep being blocked by the ASM Violations related to IP Intelligence. In the ASM Logs they appear with the Route Domain ID, that creates some confusion.
Have some of you used IP Intelligence in a F5 with Route Domains? Could it be that those IPs are not being blocked because we haven't specified the associated route domain in the whitelist entry?
If the same F5 has several route domains, and with several applications protected by ASM, should we enter the combination of [whitelisted ip]%[routedomain] for each IP for each route domain involved?
Thank you in advance!
- fpieressaAltostratus
Hi Eric! We have tested it in our Lab, and you are right: You need to configure each whitelisted IP address as [whitelisted ip]%[routedomain].
- Erik_NovakEmployeeFor each IP address that has been whitelisted, go to IP Address Exception Properties, and make sure that the checkbox to "Ignore IP Address Intelligence" is selected. That should eliminate the IP Address Intelligence violation associated with the whitelisted IP.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com