Forum Discussion
kishanw_51248
Jun 13, 2012Nimbostratus
iRule to limit Sessions to Access Policy Manager based on Client IP
Hi,
We just discovered a vulnerability on our APM. A port scan was causing an alarm - Global concurrent access session limit reached
When this happens, legitimate users are unable to login through the F5 device as the max session limit is reached. We have tried setting the "Max Sessions Per User" to "2" under access profile (Version 10.2.3 HF1), but this does not have an impact.
Hence, the box is susceptible to DoS. Unfortunately we are unable to upgrade to v11.2 HF1 at this point in time.
I want to develop an iRule to limit the number of sessions a client IP is able establish to the box. Has anyone encountered this problem? If anyone has a built an iRule that can do this job, appreciate if you can let me know.
Thanks very much!
- Michael_YatesNimbostratusHi kishanw,
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects