Forum Discussion
Multiple BIG-IP LTM Policies
You can use x forward for enable for getting actual client ip in backend server(if it's http traffic). If you restrict tls version in F5, then that traffic only accept (you can create client SSL profile and only need to allow Tls1.2 or higher).
Thanks for your response, yes we use the X forward, we are working to restrict the VIP to TLS 1.2, and we use the Policy to send the information that can parsed via Splunk from the IIS logs. It allows us to determine which clients are still utilizing TLS 1.0/1.1 and determine how to remediate that service call or end user application. So would putting that policy above the existing policy allow the HTTP headers values to be inserted for logging purposes and the existing policy still route traffic appropriately?
- Mayur_SutareAug 16, 2024MVP
Hi jomedusa Yes, you can have multiple LTM policies on a single VIP and it will be processed based on the order you have set. You can also have all the conditions to match under single policy also. Its upto you how do you want to configure it. Hope it helps!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com