cancel
Showing results for 
Search instead for 
Did you mean: 

Allow Specific URLs to Internal IPs only

Sharath413
Nimbostratus
Nimbostratus

I have a requirement where the urls on a website must be accessible from Internal networks only. what is the easiest way to do this without irules?

can I put in an IP address exception for private IPs and set it to 'Never block this IP' and add the URLs to blocklist to achieve this?

 

Please advise.

7 REPLIES 7

Lidev
MVP
MVP

Hi Sarath413,

Does this concern all URLs ? if it is that configure the Virtual Server on internal VLAN only.

0691T00000BSNUEQA5.png

 Thanks for the response. No, we want to allow few URLs externally and all URLs internally.

you can try to set this up :

1 - VS1 /Virtual Server exposed on internal VLAN without URL restrictions

2- VS2 /Virtual Server exposed on external VLAN (with same pool members VS1-) and add the URLs you want blocked in Disallowed URLs List.

 Sorry for the dumb question as I'm new to F5. Are external and Internal VLANs predefined? Mine is a one-arm deployment.

In one-arm , you cannot build the above configuration because you are only one VLAN/interface.

okay. In that case, can I achieve my requirement with IP address exception set to 'never block ' on Internal IPs and add the URLs to blocklist?

Yes, you can do it in this way. Just define all URLs , which should be available externally as allowed and set "Never Block" for internal IP. Just pay attention, that "Never Block" means don't block any violation from that IP.