How to Restrict Access to Access Gateway and AAA Traffic Management Virtual Server


Article ID: CTX138327


Description

This article describes how to restrict access to an Access Gateway or AAA Traffic Management virtual server by using the username and the Responder feature of the NetScaler appliance.

In some scenarios, access to an Access Gateway Enterprise or AAA traffic management authentication virtual server might be blocked for a certain user if access to Active Directory is not available.

This procedure does not work for restricting Graphical User Interface (GUI) or SSH access to the NetScaler appliance.


Instructions

The following are the requirements:

  • Open an SSH console to the NetScaler appliance with nsroot credentials.

  • A valid Active Directory user account.

  • Responder feature that is licensed or enabled on the appliance.

To restrict access to Access Gateway Enterprise Edition virtual server or AAA Traffic Management virtual server, complete the following procedure:

  1. Log on to the GUI of the appliance with the nsroot credentials.

  2. Expand the Responder node, as shown in the following screen shots:

    [Screen shots for NetScaler Software Release 10.1, 10, and 9.x]

  3. Expand the Actions node.

  4. Click Add.

  5. Add the message, as shown in the following screen shot:


  6. Click Create.

  7. Expand the Policy node.

  8. Click Add.

  9. Add the expression and the associated Responder action, as shown in the following screen shot:

  10. Bind the policy to the required object or at a global level. In NetScaler software release 9.x, responder policies cannot be bound to an Access Gateway virtual server, so bind the policy at a global level on that release.

  11. Test and save the configuration:


  12. Alternatively, run the following commands from the command line interface of the appliance, using the nsroot credentials, to restrict access to the virtual server. Replace user_name with the user name to block:

    add responder action drop_user_action respondwith "\"Your access to this system has been revoked\""
    add responder policy drop_user_policy "HTTP.REQ.USER.NAME.SET_TEXT_MODE(IGNORECASE).EQ(\"user_name\")" drop_user_action
    bind responder global drop_user_policy 100 END -type REQ_OVERRIDE

    Note: The responder policy is bound at a global level in the preceding commands.
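
The commands in step 12 block the user only if the action, policy and bind names agree and the placeholder user name has been replaced. The following Python check is an added example, not part of the original Citrix article; it assumes the commands are available as text (for example, copied from a saved configuration), and the function name and sample input are constructed for illustration.

```python
import shlex

BUILTIN_ACTIONS = {"NOOP", "RESET", "DROP"}  # built-in responder actions

# Constructed sample: the article's three commands with mismatched policy names.
SAMPLE = r'''add responder action drop_user_action respondwith "\"Your access to this system has been revoked\""
add responder policy drop_user_polcicy "HTTP.REQ.USER.NAME.SET_TEXT_MODE(IGNORECASE).EQ(\"user_name\")" drop_user_action
bind responder global drop_user_policy 100 END -type REQ_OVERRIDE'''


def check_responder_config(text):
    """Return a list of problems found in responder add/bind commands."""
    actions, policies = set(BUILTIN_ACTIONS), {}
    global_binds, bound, problems = [], set(), []
    for n, line in enumerate(text.splitlines(), 1):
        try:
            tok = shlex.split(line)  # understands the "\"...\"" quoting
        except ValueError as exc:
            problems.append(f"line {n}: bad quoting ({exc})")
            continue
        head = [t.lower() for t in tok[:3]]
        if head == ["add", "responder", "action"] and len(tok) > 3:
            actions.add(tok[3])
        elif head == ["add", "responder", "policy"] and len(tok) > 5:
            policies[tok[3]] = (n, tok[4], tok[5])  # line, rule, action
        elif head == ["bind", "responder", "global"] and len(tok) > 3:
            global_binds.append((n, tok[3]))
            bound.add(tok[3])
        elif tok and tok[0].lower() == "bind":
            # Assumption: a policy named on any other bind line is bound
            # to that object (for example a virtual server).
            bound.update(tok[1:])
    for n, name in global_binds:
        if name not in policies:
            problems.append(f"line {n}: bind references undefined policy '{name}'")
    for name, (n, rule, action) in policies.items():
        if action not in actions:
            problems.append(f"line {n}: policy '{name}' uses undefined action '{action}'")
        if name not in bound:
            problems.append(f"line {n}: policy '{name}' is never bound, so it blocks nobody")
        if '"user_name"' in rule:
            problems.append(f"line {n}: policy '{name}' still has the placeholder user_name")
    return problems


if __name__ == "__main__":
    for problem in check_responder_config(SAMPLE):
        print(problem)
```
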
