Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

BIG-IP 17.0 ASM Cookie based allow requests

Go to solution
f5gurunot
Cirrus
Cirrus

‎08-Feb-2023 17:52

Is it possible to allow requests through the ASM if the client sending the request has a unique cookie with a particular value?  I want to whitelist these requests based on this cookie.  If this is possible would someone please share with me how this is accomplished?

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Amine_Kadimi
MVP
MVP

‎09-Feb-2023 04:33

You can do using a local traffic policy:

  1. Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
  2. Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
  3. Reorder the rules so this rule takes precedence over the default rule.
  4. Save and publish the policy
  5. From your VS, remove the ASM auto policy and assign your new policy.

Amine_Kadimi_0-1675945911541.png

Amine_Kadimi_1-1675945957376.png

 

 

View solution in original post

1 REPLY 1

Go to solution
Amine_Kadimi
MVP
MVP

‎09-Feb-2023 04:33

You can do using a local traffic policy:

  1. Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
  2. Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
  3. Reorder the rules so this rule takes precedence over the default rule.
  4. Save and publish the policy
  5. From your VS, remove the ASM auto policy and assign your new policy.

Amine_Kadimi_0-1675945911541.png

Amine_Kadimi_1-1675945957376.png

 

 

Copyright © 2023 Khoros, LLC