Saturday, 10 December 2016

Procedure: Using a Responder to block access to a URL from a specific subnet

Create the responder action

In the Expression below, I am creating a HTML response that will respond with the blocked URL, the CLIENT IP and the CLIENT subnet, which is based on a 24-bit mask.

clip_image001[8]

Create a Responder policy

In the expression below, I am checking if the red URL is being accessed and if the subnet (again 24-bit mask) is in the subnet that is not permitted.

clip_image002[4]

Bind the Policy to the vServer

This is a simple process, click the + symbol on Policies, select Responder and bind the responder policy that you’ve created.

clip_image003[4]

clip_image004[4]

clip_image005[4]

Result

From a blocked client

clip_image006[4]

Check the reverse to ensure permitted clients are not blocked. The naming conventions for the NetScaler entities used in this blog post are not recommended in a production environment.

No comments:

Post a Comment