Forum Discussion

Nimbostratus

Jul 23, 2015

Multiple CIDR ranges in virtual server

I have created a new Virtual Server to listen on port 25. I want just two IP ranges to be allowed through. In the Source Address field, I can add one of the ranges (x.x.x.x/x) but when I try to enter...

deployment

forward virtual server

Kevin_Stewart

Employee

Jul 23, 2015

Two options:

Create a 0.0.0.0/0 source and use an iRule to control access:

when CLIENT_ACCEPTED {
    if { ( [IP::addr [IP::client_addr] equals x.x.x.x/x] ) or ( [IP::addr [IP::client_addr] equals y.y.y.y/y] ) } {
        return
    } else {
        reject
    }
}

or you can use a datagroup:

when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals my_ip_datagroup] } {
        return
    } else {
        reject
    }
}

Create the same 0.0.0.0/0 source and use a system-level IP filter to control source range access.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Multiple CIDR ranges in virtual server

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

Recommendation for Adv. Lab

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

How to configure ssh access by key on F5OS

F5 BIG-IP DNS/Audit Logs — Structured Format for SIEM Ingestion

Related Content

AI/Bot Traffic Throttling iRule (UA Substring + IP Range Mapping)

Three Ways to Specify Multiple Ports on a Virtual Server

Using n8n To Orchestrate Multiple Agents

iControl REST Cookbook - Virtual Server (ltm virtual)

multiple certificate on one virtual server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS