Forum Discussion
Mike_61640
Sep 01, 2012Nimbostratus
iRule to check Datagroup for allowed servers through a default VS
I'm sure there is a posting here that has an iRule that will check a datagroup or list of servers to see if they are allowed through a Virtual Server. Like to control traffic between two internal segments on my network.
Specifically I have the F5 Load Balancing traffic to the DMZ. I was looking for a way to control which DMZ servers are allowed to talk to my internal servers. Since I need to specify destination IP and port a VS seems the way to go, but not sure how I control access.
Thanks in advance.
Mike
- Richard__HarlanHistoric F5 AccountSomething like this should be able to do what you want. You add the iRule to a Any:Any TCP VIP. The data group would be the IP:port with a list of client allowed to talked to it. Below is the TCP version below that is the UDP version, nut much differet but make UDP calls. You would have to create a new VIP to deal with UDP traffic
- nitassEmployeethis is an another example in codeshare.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects