Nolan_Jensen
Oct 19, 2021Cirrostratus
APM IP Subnet Match - single IP list
Hello, I am trying to figure out the best way to reference a single list of IP's in a few different access policies. Having this would allow me to just maintain one subnet match list and when upd...
- Oct 21, 2021
You can create a macro. In macro, select the server side security and IP subnet match for user's range. Call that macro in VPE.
For other option of iRule, you can use something like below
when ACCESS_POLICY_AGENT_EVENT { if { ([ACCESS::policy agent_id] eq "match") and (class match [IP::client_addr] equals kerberos_apm_subnet_match])}{ ACCESS::session data set session.custom.ip 0 } else { ACCESS::session data set session.custom.ip 1 } }
event ID should be "match" and expression should be "expr { [mcget {session.custom.ip}] == 0 }" to match the user subnet