Forum Discussion
VernonWells
Nov 01, 2015Employee
I apologize; I'm not sure I follow your concern.
In general, the best approach to this is to create two separate Virtual Servers: one listening on 443 (with POOL1 assigned) and the other listening on 5443 (with POOL2 assigned). A BIG-IP takes a default deny posture (unless you are using AFM and override this), so your default condition above (
discard
) is implied. The two VS method is faster and generally, safer (since a logic bug in the iRule could cause unexpected results).