Forum Discussion

Nimbostratus

Jul 23, 2015

Multiple CIDR ranges in virtual server

I have created a new Virtual Server to listen on port 25. I want just two IP ranges to be allowed through. In the Source Address field, I can add one of the ranges (x.x.x.x/x) but when I try to enter...

deployment

forward virtual server

Kevin_Stewart

Employee

Jul 23, 2015

Two options:

Create a 0.0.0.0/0 source and use an iRule to control access:

when CLIENT_ACCEPTED {
    if { ( [IP::addr [IP::client_addr] equals x.x.x.x/x] ) or ( [IP::addr [IP::client_addr] equals y.y.y.y/y] ) } {
        return
    } else {
        reject
    }
}

or you can use a datagroup:

when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals my_ip_datagroup] } {
        return
    } else {
        reject
    }
}

Create the same 0.0.0.0/0 source and use a system-level IP filter to control source range access.

Forum Discussion

Multiple CIDR ranges in virtual server

Recent Discussions

Mix NTLMv2 & Kerberos SSO in the same policy for different sub-URL

APM parse HTTP Connector json to message box, iRule etc.

Cannot turn off strict updates

Nature's Leaf CBD Gummies Is Right For You See Here

Custom https health monitor

Related Content

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

Assistance with iRule using port ranges

Policy to forward to a range of ports

F5 Distributed Cloud – Multiple custom certificates for HTTP/TCP LB

Multiple Kubernetes Clusters and Path-Based Routing with F5 Distributed Cloud