Forum Discussion

JWhitesPro_1928

Cirrostratus

Nov 20, 2018

VPN/Network Access ACLs

Can AFM control the traffic of connected network access clients? I am trying to find a way to create VPN ACLs that is easier than the APM ACLs...not being able to use object groups or address lists ...

AFM

BIG-IP Access Policy Manager (APM)

security

JWhitesPro_1928

Cirrostratus

Nov 21, 2018

To add to this:

A single line in a cisco ACL can result in 50-100 or even more in the VPN acl since you can only do 1 source, one destination and one port in each acl rule. Is this not a problem for anyone else?

The only other thing I thought of was making a IP forwarding virtual server on the F5 that would catch all traffic from the VPN subnet so I could use AFM to create the rules...the problem there is that I miss out on being able to apply ACLs per session easily without having to check and make sure everything lines up perfectly between these two ways of setting acls.

Should I put in a feature request for VPN acls to get a more modern configuration interface/functionality?

Forum Discussion

VPN/Network Access ACLs

Recent Discussions

Open Redirection Mitigation

Azure DP-100 Exam Questions

GTM Packet Capture command

Wildcard SSL Certificate Deployment on F5 LTM

Migration from i series 10200 with 1 child VCMP to r series 10900 series

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

Protect your applications using F5’s Distributed Cloud and Fast ACL’s

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

How to change ACL forbidden page?

API Security: How to implement API Access Control with F5