Multiple CIDR ranges in virtual server

Question

I have created a new Virtual Server to listen on port 25. I want just two IP ranges to be allowed through. In the Source Address field, I can add one of the ranges (x.x.x.x/x) but when I try to enter the second one, the page reports an incorrect IP format. &nbsp;
How can I allow more than one IP range through my Virtual Server?&nbsp;
Thanks.&nbsp;

kevin_stewart · Answer

Two options:

Create a 0.0.0.0/0 source and use an iRule to control access:
when CLIENT_ACCEPTED {
    if { ( [IP::addr [IP::client_addr] equals x.x.x.x/x] ) or ( [IP::addr [IP::client_addr] equals y.y.y.y/y] ) } {
        return
    } else {
        reject
    }
}

or you can use a datagroup:
when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals my_ip_datagroup] } {
        return
    } else {
        reject
    }
}

Create the same 0.0.0.0/0 source and use a system-level IP filter to control source range access.

Forum Discussion

Multiple CIDR ranges in virtual server

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

Policy to forward to a range of ports

SSL Offloading for specific IPs or range of IPs

Remove iRule From Multiple Virtual Servers

SSL PROFILE - How to use multiple SSL Profile Client in Virtual Server

LineRate: Range header attack mitigation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS