F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

TD_388740's avatar
TD_388740
Icon for Nimbostratus rankNimbostratus
May 07, 2019

L7 https ACL with APM SSL VPN not working

Hi, I am building a POC for Client SSl VPN with F5 APM in AWS. Since we are using AWS I would like to use L7 ACLs instead of L4 since IP addresses keep changing in AWS.   I got it working for http...
acl
aws
BIG-IP Access Policy Manager (APM)
cloud
https
l7
TD's avatar
TD
Icon for Nimbostratus rankNimbostratus
May 16, 2019

I solved it with the help of Henrik Gyllkrans. Thanks for your help Henrik.

We are now sending a list of ports and fqdn in a TCL formatted list (saved in an LDAP attribute) to the f5 during login and use an irule to do nslookups for all fqdns and create ACLs based on this information. Works good so far but needs some more work on the error catching. The F5 is set up as caching DNS to have better responses on the nslookups.