For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Altostratus rank

Altostratus

Dec 04, 2015

iRule to specify SSL-client profile?

Is it possible to specify a ssl profile based on source IP? I have a situation where I want to allow TLS 1.0 from one or two hosts, but disable it for all other connections to a virtual server.

application delivery

2 Replies

Amine_Kadimi
MVP
Dec 05, 2015
Hi, yes it is possible. Here's the link with examples: https://devcentral.f5.com/wiki/iRules.SSL__profile.ashx
apatter_352470
Nimbostratus
Sep 20, 2018
Something to note that I ran into: if your virtual you are applying this to is in a route domain other than 0, your client ip should also have the route domain in it. Example: if { [IP::addr [IP::client_addr] equals "1.2.3.4%3"]} {

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5