Limit access to a virtual server only when resource selected on WebTop

Question

I have a policy for users to use a WebTop in order to access resources. In a few cases the portal-access method was not working because of some Java intensive websites. To work around this I created virtual servers with an assigned pool to the resource, and then added a WebTop link to the virtual server to the WebTop. &nbsp;
It works, but I need to prevent someone from simply going to the virtual server directly without first using the policy. First thought was through an iRule looking for the MRHSession cookie. The iRule is:&nbsp;
when HTTP_REQUEST {
if { not [HTTP::cookie exists "MRHSession" ] } {
reject 
}
}&nbsp;
This works when applied to the virtual server. However, due to inconsistencies of users and their handling of cookies I have ran into problems. So I am researching other methods.&nbsp;
If anyone has any ideas on how to Enforce policy completion for access to a virtual server I would appreciate it. &nbsp;

stanislas_piro2 · Answer

The best practice is to &nbsp;
use multi domain ssocreate one ACL related to web top linkassign it with webtop link 
Assign a drop all ACL to any users with ACL order value higher than all other ACLassign access policy to virtual server

Forum Discussion

Limit access to a virtual server only when resource selected on WebTop

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

F5 Resources for COVID-19

What should one perform after successful resource provisioning on virtual F5 appliance?

Resource Pools versus Virtual Machine Pools

Re: Mitigate OWASP API Security API4:2019 Lack of Resources and Rate Limiting using F5 Distributed C

Selective Compression on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS