Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Local Traffic Policies Traffic matched order

This is about the Local Traffic >> Policies : Policy List.

Using the LTM / ASM version 12.1.3 it looks as the order of actions performed in the box "Do the following when the traffic is matched" is important. The security policy kicked in after moving the "Enable asm" above the "Forward traffic". However there is nothing mentioned about the order, also no options to change the order. Can someone confirm this behaviour ?

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Is the question related to the order between two different LTM policies?

In this case it doesn't matter, the forwarding will come after the ASM processing anyway.

0
Comments on this Answer
Comment made 1 week ago by Willy 270

It is within one LTM policy, check answer below to Stanislas Piron

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

The process order is always the same

LTM Virtual server match —> AFM policy —>  LTM policies —> irules —> APM policy —> ASM policy —-> load balancing    

Ltm policies actions order doesn’t change this!!!

0
Comments on this Answer
Comment made 1 week ago by Willy 270

The problem was within the LTM policy. We noticed that asm started blocking as expected after we changed the order in the box Do the following when the traffic is matched". When the "forward traffic" "to" "pool" was on top and the "Enable" "asm" at the bottom, we noticed the asm not blocking as expected. After changing the order "Enable" "asm" on top it blocked as expected.

0