This article describes how to use a Responder Policy to restrict access to the NetScaler Gateway based on client source IP or subnet.

Instructions

1. Create a Responder policy.
2. Set Action to DROP.
3. Use the following expression syntax: !CLIENT.IP.SRC.IN_SUBNET(10.0.0.0/24)
   1. The statement logic is IF a client IP is NOT within the following subnet range, THEN (DROP).
4. Bind to NetScaler Gateway Vserver.
5. The same can be applied to internal IPs or external IPs based on the Client IP range.