Forum Discussion

mhtech_212580's avatar
mhtech_212580
Icon for Nimbostratus rankNimbostratus
Jul 23, 2015

Multiple CIDR ranges in virtual server

I have created a new Virtual Server to listen on port 25. I want just two IP ranges to be allowed through. In the Source Address field, I can add one of the ranges (x.x.x.x/x) but when I try to enter...
deployment
forward virtual server
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jul 23, 2015

Two options:

  1. Create a 0.0.0.0/0 source and use an iRule to control access:

    when CLIENT_ACCEPTED {
    if { ( [IP::addr [IP::client_addr] equals x.x.x.x/x] ) or ( [IP::addr [IP::client_addr] equals y.y.y.y/y] ) } {
        return
    } else {
        reject
    }
}

    or you can use a datagroup:

    when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals my_ip_datagroup] } {
        return
    } else {
        reject
    }
}

  2. Create the same 0.0.0.0/0 source and use a system-level IP filter to control source range access.