muj hashmi Posted November 10, 2023 Share Posted November 10, 2023 Hi Had a question about creating a netscaler policy, I think would be a referrer policy to create? We use our Access Gateway for our Sharefile employee login. So if you go to company.sharefile.com and click Employee Login, you hit our Netscaler gateway at access.company.com, authenticate on our domain, and then are redirected to the Sharefile page again. The issue is if you directly go to access.company.com, you can still log in. We want to block this page on direct access, and only make it visible if the URL you come from is SHAREFILE.COM. Is this possible? thanks Link to comment Share on other sites More sharing options...
Chad Buser Posted November 15, 2023 Share Posted November 15, 2023 Yes, I believe you can do this. I had a similar scenario a few years ago. I needed to have users authenticate first thru a SecureAuth Portal and not bypass this. I solved this by creating a Responder Policy and Action that was bound to the LBVS. The policy/expression looked for a cookie that came from the SecureAuth Portal and if there was none, then it redirected the user back to the Portal where they would Auth and get one. HTTP.REQ.COOKIE.CONTAINS("<yourcookievalue>").NOT If the users had the cookie then the flow would continue. Hope that helps. Chad Link to comment Share on other sites More sharing options...
muj hashmi Posted November 28, 2023 Author Share Posted November 28, 2023 On 11/14/2023 at 8:17 PM, Chad Buser said: Yes, I believe you can do this. I had a similar scenario a few years ago. I needed to have users authenticate first thru a SecureAuth Portal and not bypass this. I solved this by creating a Responder Policy and Action that was bound to the LBVS. The policy/expression looked for a cookie that came from the SecureAuth Portal and if there was none, then it redirected the user back to the Portal where they would Auth and get one. HTTP.REQ.COOKIE.CONTAINS("<yourcookievalue>").NOT If the users had the cookie then the flow would continue. Hope that helps. Chad so How would I obtain a cookievalue? Also, Responder action shows (NOOP, RESET, DROP, LOGOUT, HTTP-HTTPS, RESPONDWITH). Which action is used? Link to comment Share on other sites More sharing options...
muj hashmi Posted November 28, 2023 Author Share Posted November 28, 2023 so How would I obtain a cookievalue? Also, Responder action shows (NOOP, RESET, DROP, LOGOUT, HTTP-HTTPS, RESPONDWITH). Which action is used? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now