Updated 1/22/2013 • Originally posted on 22-Jan-2013 by
i need your help about acl on apm.Namely, I am able to give remote access with acl and everything's ok . No problem on that. But. ı am unable to make configuration for icmp. As you know We are able to specify either tcp or udp or all protocols on the action type.However, ı need to allow icmp echo packets on the acl. If i remove the discarding acl ok I can ping to backend side but at this time you know we need to add all ports one by one.to discard. I wonder can we use an irule for that? Or is there another way besides of this? Because I am trying to make user based autentication and no problem on that.Namely, users are able to connect to system through AD. I mean if user is john , he goes to 80 port of 10.35.10.80 server but if user is ken , he goes to port 389 of 10.35.10.80 again.
content of test_acl example:
type : static
Source IP Address:Any
Source IP Port:Any
Destination IP Address:10.35.10.80
Destination IP Port:80
Destination IP Address:Any
Destination IP Port:AllPort
Thank you in advance
what you said is for only existing vlan on network configuration for ltm but i already want to allow icmp trafficinstead of discarding or rejection if i do as you said at that time it won't work in the acl table which i will create . i think it must be different way of that
Am having the same problem/challenge. Migrating from a Firepass which allows rules for ICMP per Resource Group to an APM which seems to only allow Packet Filters for ICMP on a per Virtual Server basis. I don't want to have to put in a Virtual Server to replace each Resource Group. Is there another way to apply a filter like that closer to the destination?
Thanks in advance