Jump to content
Welcome to our new Citrix community!

Netscaler 5550 NS13.0 92.19.nc Policy question


muj hashmi

Recommended Posts

Hi

Had a question about creating a netscaler policy, I think would be a referrer policy to create? 

 

We use our Access Gateway for our Sharefile employee login. So if you go to company.sharefile.com and click Employee Login, you hit our Netscaler gateway at access.company.com, authenticate on our domain, and then are redirected to the Sharefile page again.

 

The issue is if you directly go to access.company.com, you can still log in. We want to block this page on direct access, and only make it visible if the URL you come from is SHAREFILE.COM. 

 

Is this possible? 

 

thanks

Link to comment
Share on other sites

Yes, I believe you can do this. I had a similar scenario a few years ago.

I needed to have users authenticate first thru a SecureAuth Portal and not bypass this.

 

I solved this by creating a Responder Policy and Action that was bound to the LBVS.

The policy/expression looked for a cookie that came from the SecureAuth Portal and if there was none, then it redirected the user back to the Portal where they would Auth and get one.

 

HTTP.REQ.COOKIE.CONTAINS("<yourcookievalue>").NOT

 

If the users had the cookie then the flow would continue.

 

Hope that helps.

Chad

Link to comment
Share on other sites

  • 2 weeks later...
On 11/14/2023 at 8:17 PM, Chad Buser said:

Yes, I believe you can do this. I had a similar scenario a few years ago.

I needed to have users authenticate first thru a SecureAuth Portal and not bypass this.

 

I solved this by creating a Responder Policy and Action that was bound to the LBVS.

The policy/expression looked for a cookie that came from the SecureAuth Portal and if there was none, then it redirected the user back to the Portal where they would Auth and get one.

 

HTTP.REQ.COOKIE.CONTAINS("<yourcookievalue>").NOT

 

If the users had the cookie then the flow would continue.

 

Hope that helps.

Chad

 

so How would I obtain a cookievalue? Also, Responder action shows (NOOP, RESET, DROP, LOGOUT, HTTP-HTTPS, RESPONDWITH). Which action is used?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...