Forum Discussion
1 Reply
Sort By
- hooleylistCirrostratusHi John,
when CLIENT_ACCEPTED Check if client IP is 10.10.10.0/24 if {[IP::addr [IP::client_addr] equals 10.10.10.0/24]}{ Disable the client SSL profile SSL::disable } }
Can someone show me an iRule that would allow me to disable the SSL Client profile dynamically based on the source address. We have an app server that needs to talk http but all the other clients need to keep using HTTPS. Any help is very much appreciated.
Thank you,
You can use SSL::disable after checking the client IP. To check a single client IP address or range, you can use the IP::addr command (Click here). To check the client IP against multiple addresses or ranges, you can use the matchclass command (Click here).
when CLIENT_ACCEPTED
Check if client IP is 10.10.10.0/24
if {[IP::addr [IP::client_addr] equals 10.10.10.0/24]}{
Disable the client SSL profile
SSL::disable
}
}
Aaron