Is it possible to add domain based VPN routes instead of IPs?

Question

I want to enable APM policy that will route my company domain traffic( for e.g. site.company.com, app.company.com etc) instead of putting static IPs in the LAN address space? This way, I don't need to maintain all company public application&nbsp; IPs in the VPN settings.&nbsp;

shashe · Answer

can I have the FQDNs instead of CIDRs in the VPN tunnel scope?

lnxgeek · Answer

I haven't tried it myself, but you have the option under Client Settings to use "DNS Address Space" (I'm using v. 16.1).
&nbsp;

nikoolayy1 · Answer

You are talking about split tunnel from what I understand and split tunnel based on FQDN and not ip address (on your computer this will be seen ip routes that send specific traffic to the tunnel interface). The short answer is yes as this has been availabe in F5 APM for a long time. Look at the links below:
https://support.f5.com/csp/article/K55104964
https://support.f5.com/csp/article/K03430467
https://support.f5.com/csp/article/K49720803#link_07
&nbsp;
&nbsp;

Forum Discussion

Is it possible to add domain based VPN routes instead of IPs?

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Modify vCMP-Guest with ansible not possible?

add /browerWeb Extension after domain name

HTTP Analytics Profile - Collect Domain Names

Is InterVLAN Routing possible in F5

How to find route domain OID

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS