Forum Discussion

Nimbostratus

May 17, 2016

iRule with ASM URL filtering

I have a website that the developers would like to have one particular /path available for internal access but deny for external users. The trick is that we use ASM URL Filtering. I can certainly r...

Historic F5 Account

May 17, 2016

If your private network has a single congruent subnet source (10.0.0.0/8), you could limit access using Source Mask on the virtual server. You could create a virtual server with the same settings as the existing one, but give it a source mask of the private network. This new virtual server could have a policy that allowed access to the URL while the other virtual server would handle all other source addresses. The virtual server that handles all other traffic could have a slightly different policy that just denied access to that URL in question. This way you can still reuse the existing IP address for the virtual servers, but have different virtual servers depending on the source address. With different virtual servers, you can have different ASM policies which have different restrictions.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule with ASM URL filtering

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Building new F5 replica

F5 upgrades

R2600 device and tenant/partition configuration

expandsSubcollections and filtering in F5 SDK

Dnssec deployment

Related Content

iRules Style Guide

Re: F5 HTTPS Redirect iRule Update

BGP - filtering kernel redistribution

Hey DeepSeek, can you write iRules?

Hey Claude, can you write iRules?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS