Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Multiple URL's to a single VS with ASM

So currently, I'm using iRules to send traffic to different pools, thus allowing us to use a single IP a little more efficiently. I would like to also be able to have these applications protected by ASM so I'm seeking a little guidance as to how to do this with the current iRule, or possibly using a policy if it's faster? Thanks in advance.

when HTTP_REQUEST {
    switch [string tolower [HTTP::host]] {
        "abc.com" { pool abc.com }
        "def.abc.com" { pool def.abc.com }
        "ghi.abc.com" { pool ghi.abc.com }
    }
}
0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I do something similar (distribution via iRule), but assign the security policy to the VIP itself. However, our back-end pools all have the same security considerations so that works for us. If your differing pools have differing security considerations, then you would want to assign ASM profiles based upon those determinations (for example: Windows servers vs Linux servers would be a security profile consideration, or IIS vs Apache, etc).

This might help in that regard: https://devcentral.f5.com/questions/is-there-a-way-to-apply-a-different-asm-policy-with-irules-60073

1