Forum Discussion

ywa's avatar
ywa
Icon for Nimbostratus rankNimbostratus
Aug 16, 2021

LTM uri filtering with APM enabled

Hello,

 

I want to restrict the URI of a virtual server in a LTM policy. So, I created an LTM policy with a rule like this :

 

Conditions :

1. HTTP Host host is 'test.mydomain.com' at request time.

2. HTTP URI path starts with '/allowed' at request time.

 

Actions :

1. Forward traffic to pool '/Common/POOL_test' at request time.

 

The problem is if I add an APM policy on this virtual server. The LTM policy block the URIs used by the apm policy to make a session (like /my.policy, ...).

I try to allow /my.policy too but it's not working and anyway it's not the only uri.

 

Is there a simple way to avoid the ltm policy to block these or what is the recommended way to do this URI restriction when we have an APM policy set ?

 

Thanks

APM
application delivery
LTM

2 Replies

Sort By
    • ywa's avatar
      ywa
      Icon for Nimbostratus rankNimbostratus
      Aug 17, 2021

      Hello,

       

      Thanks for your answer.

       

      I want to keep the access policy control on the uri. Just allow the uri that the BigIP use to make the session.

       

      In fact, if I use an iRule like the one you give but without the "ACCESS::disable" part. It's working because by default the irule is not trigger for the internal access control URI used for the APM session.

       

      But it is not the case from the LTM policy and I was wondering if it was possible to do the same in the LTM policy (to avoid using an iRule just for that).