tacobell911_122
Aug 29, 2013

ACL iRule

I'm looking for a way to create an ACL iRule - can someone guide me? Running 11.4.

 

Allow traffic from a specific subnet ONLY access to defined VS & Deny this subnet to be able to pass traffic to any other VS & Deny all other traffic to this VS

 

4 Replies

  • So if it is just one subnet that you are looking to control, in 11.4 you do have the ability to assign a single source subnet on the VS, and that should deny traffic from all other subnets but this one.

     

  • I will look for the article, but if you are running 11.4, just go into one of your VS. It is the 5th line down; it is called Source and the default is 0.0.0.0/0 (Allow All).

     

  • What it sounds like is a 2 part problem: Subnet X is allowed to get to VS1 but no other VS. No subnet except Subnet X is allowed to get to VS1.

     

    With VS1 you can specify a Source under the General Properties of the VS1. This will block all except Subnet X from accessing VS1. To attack the second half of your issue, you may need an iRule to prevent Subnet X from accessing VS2, 3, 4, etc. This can get unwieldy; I would suggest looking at the Network Firewall module if you have it and kill two birds with one stone. You can allow Subnet X to VS1 and prevent all others and prevent Subnet X from accessing all the other Virtual Servers.
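
The two-part ACL discussed in this thread, written as a single iRule that can be attached to every virtual server. This is an added example, not code posted by anyone in the thread. The data group name `subnet_x_dg` (an address-type data group holding Subnet X) and the virtual server path `/Common/vs1` are assumptions to replace with your own.

```tcl
# Added example (not from the thread).
# Assumptions: "subnet_x_dg" is an address-type data group containing Subnet X,
# and "/Common/vs1" is the one virtual server Subnet X may reach.
when CLIENT_ACCEPTED {
    # 1 if the client address falls inside any entry of the data group
    set from_subnet_x [class match [IP::client_addr] equals subnet_x_dg]

    # In v11 "virtual name" returns the full path, including the partition
    set on_vs1 [expr { [virtual name] eq "/Common/vs1" }]

    # Part 1: nothing except Subnet X may reach VS1
    if { $on_vs1 && !$from_subnet_x } {
        log local0.notice "ACL deny: [IP::client_addr] -> [virtual name] (source not in Subnet X)"
        reject
        return
    }

    # Part 2: Subnet X may not reach any other virtual server
    if { !$on_vs1 && $from_subnet_x } {
        log local0.notice "ACL deny: [IP::client_addr] -> [virtual name] (Subnet X limited to VS1)"
        reject
        return
    }

    # Everything else falls through to normal load balancing
}
```

The rule only protects virtual servers it is attached to, so a virtual server created later without it is reachable from Subnet X. Per-connection logging can be heavy under load; remove the `log` lines once the behaviour is confirmed.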