Eyad Wardani Posted November 14, 2023 Share Posted November 14, 2023 Hi, I was able to white list IPv4 addresses in NetScaler using the following expression in UI: CLIENT.IP.SRC.TYPECAST_TEXT_T.CONTAINS_ANY("Whitelist").NOT But I cannot get it to work based on the MAC address using the following expression in UI: CLIENT.ETHER.SRCMAC.TYPECAST_TEXT_T.CONTAINS_ANY("Whitelist_MAC").NOT Please note that the "Whitelist_MAC" will contain the allowed MAC addresses in the data set. Thanks for your help in advance. Link to comment Share on other sites More sharing options...
CarlStalhood Posted November 14, 2023 Share Posted November 14, 2023 Are the client machines and the NetScaler on the same Layer 2 subnet? If not, then the client MAC will be the router MAC. Link to comment Share on other sites More sharing options...
Eyad Wardani Posted November 14, 2023 Author Share Posted November 14, 2023 Oh no, the client machines and the NetScaler are not on the same Layer 2 subnet. The client machine is an iPhone. So I used the iPhone MAC address and it didn't work. Link to comment Share on other sites More sharing options...
CarlStalhood Posted November 15, 2023 Share Posted November 15, 2023 Citrix EPA scans can verify a client device's MAC address. This feature is for AAA or Citrix Gateway. https://docs.netscaler.com/en-us/citrix-gateway/current-release/vpn-user-config/advanced-endpoint-analysis-policies/epa-scan-for-whitelisted-mac-addresses.html Link to comment Share on other sites More sharing options...
Paul Blitz Posted January 25 Share Posted January 25 Of course, whilst EPA can look for a client mac address, EPA won't run on an iPhone ? Is this for Gateway / AAA, or something else? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now