Forum Discussion
Brian_Van_Stone
Jul 30, 2012Nimbostratus
Without an http profile you will not be able to query the URI.
Perhaps you can SNAT all requests from the restricted range to one SNAT pool, and all requests from the unrestricted range to a different SNAT pool. By doing this you could still perform IP restriction at the SA.
when CLIENT_ACCEPTED { if { [class match [IP::client_addr] equals allowed_nets] } { snatpool allowedForABC } else { snatpool everyoneElse }}