Forum Discussion

tony_iervolino_'s avatar
tony_iervolino_
Icon for Nimbostratus rankNimbostratus
May 10, 2018

Bypass APM on specific subnets

I'm trying to write an Irule that bypasses the APM for specific subnets. Irule works great at bypassing anything on the 10.0.0.0/8 subnet but the problem is I don't want it to bypass the APM for this specific subnet which is used by our mobility devices. In fact this subnet needs to land on the Login page as it's an SSID that has Internet out only. What happens is we don't even reach the APM login page but instead we reach the windows Auth page which we don't want. How would be write an Irule that would do this. the subnet in fact is 10.3.200.0/21 when HTTP_REQUEST { if { ([IP::client_addr] == "10.3.220.0") } { ACCESS::enable } elseif { [IP::addr [IP::client_addr]/8 equals 10.0.0.0] or [IP::addr [IP::client_addr]/16 equals 192.168.0.0] or [IP::addr [IP::client_addr]/12 equals 172.16.0.0] } { ACCESS::disable } }

 

1 Reply

  • Try this:

    when HTTP_REQUEST { 
        if { [IP::addr [IP::client_addr] equals 10.3.220.0/21] } {
            ACCESS::enable 
        } 
        elseif { [IP::addr [IP::client_addr] equals 10.0.0.0/8] or [IP::addr [IP::client_addr] equals 192.168.0.0/16] or [IP::addr [IP::client_addr] equals 172.16.0.0/12] } {
            ACCESS::disable
        }
    }