Can iRule forward request to pool after ASM block without ASM:unblock ?

Question

Hello expert,&nbsp;I have written an iRule that when blocked forwards to other pools without any problems.It is done !when ASM_REQUEST_DONE  {
    if { [ASM::status] equals "blocked" } {
            ASM::unblock            
            HTTP::uri "/"
            pool pool_blockpage
            }
}&nbsp;I'm asking if there is a way to have blocked traffic directed to another pool without unblocking it ?Any help is appreciate.

amine_kadimi · Accepted Answer

Hi,
As per the traffic flow design, this would not be possible. You can consider that the request goes through LTM (the VS), then ASM (the security policy), then LTM if not blocked for further processing including sending to the pool member.&nbsp;
So in your scenario the request won't be handed from ASM back to LTM since it will be blocked without further processing.
See the image below for the flow details

&nbsp;

zamroni777 · Answer

you can configure redirect URL in asm profile's blocking page config&nbsp;

Forum Discussion

Can iRule forward request to pool after ASM block without ASM:unblock ?

2 Replies

Recent Discussions

Longtime adoption organization to begin operations In Tucson

Needles Fire spreads across California and Arizona

HA Sync issue on Active-Active Cluster

Name of iRule in variable?

F5 WAF risk assessment process

Related Content

Logging DNS Requests

Forwarding Request to Azure Firewall From F5 LTM

Distributed caching of authentication requests with NGINX Ingress Controller

Prevent a Spoof of an X-Forwarded-For Request with BIG-IP

Nodes forwarding