Forum Discussion

Nimbostratus

May 07, 2019

L7 https ACL with APM SSL VPN not working

Hi, I am building a POC for Client SSl VPN with F5 APM in AWS. Since we are using AWS I would like to use L7 ACLs instead of L4 since IP addresses keep changing in AWS. I got it working for http...

acl

aws

BIG-IP Access Policy Manager (APM)

cloud

https

Stanislas_Piro2

Cumulonimbus

May 07, 2019

Do you want to use L7 ACL to filter URL inside a Network Access tunnel?

If this what you expect, the problem is that HTTPS is not HTTP with secured content but HTTP inside a TLS tunnel...

So until you don't terminate the TLS tunnel on the bigIP, you can't read the HTTP request, and so you can't read the URL...

when you create a virtual server with clientSSL profile, it terminate the SSL allowing you to read the HTTP request.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

L7 https ACL with APM SSL VPN not working

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

F5 HTTPS Redirect 2025

How HTTP/2 Compression works under the hood

The State Of HTTP/2 With F5 LTM

HTTP redirect working but HTTPS not working

monitor does not work https

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS