How to create responder policy allow/block a set of ip's

How to create responder policy allow/block a set of ip's

book

Article ID: CTX222249

calendar_today

Updated On:

Description

Create a responder policy to allow/block a set of ip's

Instructions

  • We need to first create a data set under AppExpert>Dataset
  • We need to put all the IP that we want to block/allow
User-added image
  • After creating the data set create the following responder policy

 

CLIENT.IP.SRC.TYPECAST_TEXT_T.CONTAINS_ANY("data_set")

In the above expression I have called the data set in the expression

For subnet range the policy will be as follows:

CLIENT.IP.SRC.IN_SUBNET(x.x.x.x/32)

Now if we want to evaluate single Ip and subnet we need to create the following expression:

CLIENT.IP.SRC.TYPECAST_TEXT_T.CONTAINS_ANY("data_set") && CLIENT.IP.SRC.IN_SUBNET(x.x.x.x/32)

>You can use other subnets using && operator. Take assistance of expression editor to configure the policy.
>And create a action (in this case I am creating a action as redirect) 
User-added image

>Bind the responder to the virtual server

Since the above expression is true for ip 1.1.1.1 you will get redirected to https://citrix.com

Powered by Wolken Software