Forum Discussion

Nimbostratus

May 07, 2019

L7 https ACL with APM SSL VPN not working

Hi, I am building a POC for Client SSl VPN with F5 APM in AWS. Since we are using AWS I would like to use L7 ACLs instead of L4 since IP addresses keep changing in AWS. I got it working for http...

acl

AWS

BIG-IP Access Policy Manager (APM)

cloud

https

Stanislas_Piro2

Cumulonimbus

May 07, 2019

Do you want to use L7 ACL to filter URL inside a Network Access tunnel?

If this what you expect, the problem is that HTTPS is not HTTP with secured content but HTTP inside a TLS tunnel...

So until you don't terminate the TLS tunnel on the bigIP, you can't read the HTTP request, and so you can't read the URL...

when you create a virtual server with clientSSL profile, it terminate the SSL allowing you to read the HTTP request.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

L7 https ACL with APM SSL VPN not working

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

F5 SMTP Fast Template - SNAT Not working as expected

Https redirect with exceptions not working

Making Android SSL Work Correctly.

Redirect HTTP to HTTPS and path using iRules not working

Make Your Cache Work For You

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS