Forum Discussion
limit IP access to certain URIs
Well, a Local Traffic Policy is the most appropriate (and easiest) way to achieve this.
You need a first-match policy that has three rules
the top rule checks for both the allowed IP addresses and the restricted URIs, and forwards the traffic to the pool
the next rule (above the final default rule) checks for the restricted URIs, and redirects the request back to an allowed URI or a suitable "access denied" page
the final rule is a default rule that passes all traffic requests to the pool
Thanks - I kept getting tangled with ASM in my traffic rule. I will set this one up.
Vered
- Simon_BlakelyFeb 05, 2020Employee
OK - you will want to enable the ASM policy on the default and the top rule that pass traffic to the pool members. The rule that redirects non-valid users from the restricted URIs does not need ASM inspection.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com