Restrict access to VIP by source IP address

Question

Afternoon, 
&nbsp;  
&nbsp; I want to restrict access to a vip to only certain IP addresses, I have done that with the following iRule ( I took it from this forum) 
&nbsp;  
&nbsp; when HTTP_REQUEST { 
&nbsp; if { [IP::client_addr] eq "192.168.0.30" || [IP::client_addr] eq "192.168.3.10" || [IP::client_addr] eq "192.168.4.13" || [IP::client_addr] eq "192.168.5.16" } { 
&nbsp; pool testapps2s 
&nbsp; } else { 
&nbsp; HTTP::respond 200 content "Not AllowedYou are not allowed to access this site!" 
&nbsp; } 
&nbsp; } 
&nbsp;  
&nbsp; I want to add 3 different subnets to the above IPs (say 192.168.7.0, 192.168.9.0 and 102.168.12.0).  How would I accomodate that in the iRule - I am a novice when it comes to this so any help would be appreciated. 
&nbsp;  
&nbsp; Thanks  
&nbsp;

hoolio · Answer

Hi, 
&nbsp;  
&nbsp; It would be more efficient and easier to use an address type datagroup and the matchclass command (Click here) to do this.  Try searching the forum for address type datagroup for more info. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Restrict access to VIP by source IP address

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

Cisco TACACS+ Config on ISE LTM Pair

Related Content

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

Office 365 Tenant Restrictions

Irule for restricting access

Restricting access to a virtual server by Public IP address should access through only domain name.

Restrict Access to Exchange Administrative Center - Enhanced

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS