Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

IP Intelligence Custom Feed in ASM

thomasd93
Nimbostratus
Nimbostratus

‎27-May-2021 03:32

Hi,

 

we want to use custom feeds for our IP Intelligence to block IPs recognized by us as malicious.

With the AFM module we already succeeded with setting this up.

To also have the option of blocking the requests with ASM policies (to have a blocking page and not a TCP reset) we thought of using the custom feed to set the IPs to a category blocked in all of our ASM policies (for example tor_proxy).

However in our tests we noticed that the custom IPs are not blocked by ASM. Is this a known limitation? Are there ways to activate the custom IPs also in the ASM IP-Intelligence? (Manually blacklisting them via IP Address Exceptions is not a solution we want to use)

Labels:
1 REPLY 1

samstep
Cirrocumulus
Cirrocumulus

‎15-Sep-2021 07:10

you need ASM IP-Intelligence license to use the feature.

 

If you want to use your own list of custom IPs to be blocked by ASM, a potential solution would be to write an iRule which loads the IPS from a datagroup/iFile

0 Kudos
Copyright © 2023 Khoros, LLC