Forum Discussion
You can only apply one access profile per virtual sever, so you will have to use layered virtual servers.
For example, having one Virtual Server, acting as a broker, then use an iRule to select the virtual server, with the associated access policy based on the required host header
This can be done using a simple switch statement, but does need to have multiple Virtual Servers.
when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
"www.site1.com" {
virtual site1_vs
}
"www.site2.com" {
virtual site2_vs
}
"www.site3.com" {
virtual site3_vs
}
}
- Stanislas_Piro2Jun 04, 2019Cumulonimbus
I agree With layered virtual server...
but routing based on http event requires ssl profile assigned to front virtual server...
APM can require ssl profile assigned to the 2nd virtual server :
- client cert authentication
- multi domain sso
- ...
so to make it work, you can use layered virtual servers based on TLS SNI extension which is same value as HTTP host header in real browser connection
look at this article
https://devcentral.f5.com/s/articles/sni-routing-with-big-ip-31348