How to block MAM URL access through Browser
Article ID: CTX227689
Updated On:
Description
Accessing the MAM URL directly through browser prompts the users to enter their AD Credentials. It acts as a tool for users to validate their credentials (Username/Password).
Some might treat this as a Security Violation.
This article helps you to restrict the Browser access to MAM URL (NetScaler Gateway VIP) using Responder Policy feature on NetScaler
Instructions
Createone of the three responder policy suggested below and bind it to your NetScaler Gateway Virtual Server:NOTE: “_XM_XenMobileGateway” is the name of my NetScaler Gateway Virtual Server.
Responder Policy:
1. add responder policy Resp_Brow_Pol "HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"Mozilla\")&&HTTP.REQ.URL.PATH_AND_QUERY.EQ(\"/vpn/index.html\")" DROP
2. add responder policy Resp_Brow_Pol_CR "!HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"CitrixReceiver\")&&HTTP.REQ.URL.PATH_AND_QUERY.EQ(\"/vpn/index.html\")" DROP
3. add responder policy Resp_Brow_Pol_CR "HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"CitrixReceiver\").NOT&&HTTP.REQ.URL.PATH_AND_QUERY.EQ(\"/vpn/index.html\")" DROP
Binding to NetScaler Gateway Virtual Server:
bind vpn vserver _XM_XenMobileGateway -policy Resp_Brow_Pol_CR -priority 100 -gotoPriorityExpression END -type REQUEST
Was this article helpful?
Yes
No
Powered by
