Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

AlexS_yb's avatar
AlexS_yb
Icon for Cirrocumulus rankCirrocumulus
5 years ago

using irules to deliver pages

Hi   I have a VS which is acting as my SSO - its the landing spot for multidomain SSO. I have a VS (it has ASM applied first) that then goes to another VS (this has APM applied)   I have a ...
BIG-IP Access Policy Manager (APM)
irules
security
Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
5 years ago

The description of your issue is confusing and better edit your question with precise description of the issue.

 

 

For the ASM VIP to APM VIP you use Layered VS (https://support.f5.com/csp/article/K54217479) ?

 

 

You can also configure the ASM to protect the APM login page, so no one can can click other pages if they have not passed the login page:

 

https://support.f5.com/csp/article/K13315545

 

 

I think that you can use the Per-Request policy to force again a login.

 

 

 

 

Better review your multy domain config if you think that there are issues as you need to be carefull with profile scope (https://devcentral.f5.com/s/question/0D51T00006j20Ce/v12-apm-profile-scope):

 

https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-sso-13-1-0/27.html

 

 

https://clouddocs.f5.com/training/community/iam/html/archived/class7/module1/lab7.html

 

 

 

 

 

For to clear APM session with iRule use "ACCESS::session remove"

 

 

https://clouddocs.f5.com/api/irules/ACCESS__session.html