VPN Sorter

Problem this snippet solves:

An iRule that allows the sorting of VPN traffic to the various VPN servers on the back end based on negotiation protocol or IP protocol of the tunnel. This rule will require a persistence profile as well. With this rule a company could have the domain name vpn.mycompany.com and have more than one type of VPN server present.

Code :

when CLIENT_ACCEPTED {
    # IP protocol numbers: 6 = TCP, 17 = UDP, 47 = GRE, 50 = ESP, 51 = AH, 115 = L2TP
    set proto [IP::protocol]
    # Check the transport before reading a TCP or UDP port
    if { $proto == 47 || ($proto == 6 && [TCP::local_port] == 1723) } {
        # GRE used by MS PPTP server, TCP control channel
        pool ms_pptp
    } elseif { $proto == 50 || $proto == 51 || ($proto == 17 && [UDP::local_port] == 500) } {
        # ESP and AH used by IPsec, IKE used by IPsec
        pool ipsec_pool
    } elseif { $proto == 115 } {
        # L2TP protocol server
        pool l2tp_pool
    }
}
Published Mar 18, 2015
Version 1.0
