Forum Discussion

Nimbostratus

Mar 07, 2024

Need to add multiple scanner IP to ASM policy

Hello Team, In our environment we have onboarded 40+ application on F5 ASM WAF and for all application we have created individual security policy but now there is one requirement, we need to whit...

Nimbostratus

Mar 08, 2024

To: avinasheokumar1@DogNeedsBest

So if i create parent policy and add all IP in IP exception so can it will work if i add all security policy as child policy ?
is there any Impact because we have performed multiple changes in security policy as per application requirement and we do not want to touch those changes.

You can create an IP type LTM data-group and define the allowed IP/subnet values. Then you can use an iRule to check the source IP address of the incoming traffic against the data-group and allow or block it accordingly.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Need to add multiple scanner IP to ASM policy

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

BotPoke Scanner Switches IP

Using n8n To Orchestrate Multiple Agents

LTM Policy

Reviewing vulnerability scanner results for an APM protected Virtual Server - part two

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS