Forum Discussion

mlanghorst's avatar
mlanghorst
Icon for Nimbostratus rankNimbostratus
Apr 27, 2022

Trouble redirecting on APM rejection.

I've got a website that allows for both http and https.  One uri requires user certificate authentication, which obviously can't occur on the http side.  I've created an APM policy that does the on-demand certificate authentication and applied the policy to both the HTTP and HTTPS VS's.  Then with an irule, if the uri doesn't contain that path, use the ACCESS::disable.  That's all working as expected.

But when the user is denied,  how can I redirect them to a custom page, rather than the default f5 access denied pages?  I found this page that seems to say I should have a redirect option in the APM policy, but I only have ALLOW,DENY as options: https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-access-policy-manager-visual-policy-editor/visual-policy-editor/about-access-policy-endings.html

Thanks

  •  Do you mean like this?
    Setup your APM policy so instead of deny you make a new end which is a redirect?
    So at the top of the policy click Edit Endings

    You then see this, click "Add Ending" and select the redirect radio button and set it where ever you want it to go.

    The click on the Allow/Deny and change the Ending to the new redirection ending (or what ever you called it)

     

  •  Do you mean like this?
    Setup your APM policy so instead of deny you make a new end which is a redirect?
    So at the top of the policy click Edit Endings

    You then see this, click "Add Ending" and select the redirect radio button and set it where ever you want it to go.

    The click on the Allow/Deny and change the Ending to the new redirection ending (or what ever you called it)

     

  • Thanks, it's been awhile since I'd done the training labs and forgot you had to add the additional endings.