Forum Discussion
kaoutar
Cirrus
CirrusiRule to assign ASM policy to VS by domain name
Hello All,
In order to reduce the amunt of public IPs assigned to our Web App, we decide to deploy multi apps in one VS, Im looking for a way to assign ASM policies to each web app according to the its Domain name,
Thanks in advance
- Daniel_Wolf
MVP
Hello,
try LTM Policies, no need for iRules. As an example:
KR
Daniel
kaoutarThank you
- kaoutar
Can you please tell me why i cant log any of http request even if the logging profile is activated?
- Daniel_Wolf
Shown where? I don't see a screenshot. This config works for me, nothing fancy...
- 小白
I have applied the strategy to my vs, but I still can't access vs through the domain name.Why is this
2019F5DevCentraI maybe looking at this a different way, but you should be able to load balance via Layer 7 and disabling and enabling the ASM within irules based on which select statement is triggered.
- Daniel_Wolf
You are right, assigning ASM policies by matching certain "Conditions", like URI Path or Host Header, is possible either ways - by iRules or by LTM Policies. LTM Policies are just my preferred way.
Result is the same...
- kaoutar
could you plleade provide me an example of that irule ?
- 2019F5DevCentra
Yes, for example you have a VIP that works off of HTTPS - Stream Enabled of course -
This would be the ASM Policy Applied on the VIP, as traffic passes you disable the policy to the specific Domain within the iRule.
when HTTP_REQUEST { STREAM::disable switch -glob [string tolower [HTTP::host]] { "site1.com" { pool /Common/Pool1Site1 } "site2.com" { pool /Common/Pool2Site2 ASM::disable } } }
