Jump to content
Welcome to our new Citrix community!

Netscaler ADC Advanced Policy

Recommended Posts

Our environment needs to DENY access from any Mobile device and any MAC/iOS devices, but allow Linux and Windows

I have the Linux and Windows+EPA scan Piece in place

but am having an issue with the policy language for Denying the MAC / iOS and Mobile devices (android and windows Phones)


when i do the nspepi conversion of our old policies,  it comes up with this.   when i add the policy it says invalid rule. 


HTTP.REQ.HEADER("User-Agent").CONTAINS("CitrixReceiver").NOT && HTTP.REQ.HEADER("User-Agent").CONTAINS("Android") || HTTP.REQ.HEADER("User-Agent").CONTAINS("CitrixReceiver") && HTTP.REQ.HEADER("User-Agent").CONTAINS("iOS") || HTTP.REQ.HEADER("User-Agent").CONTAINS("CitrixReceiver") && HTTP.REQ.HEADER("User-Agent").CONTAINS("WindowsPhone")

Link to comment
Share on other sites

  • 2 months later...


I think the error is because of missing brackets between your AND expressions. This should work:


(HTTP.REQ.HEADER("User-Agent").CONTAINS("CitrixReceiver").NOT && HTTP.REQ.HEADER("User-Agent").CONTAINS("Android")) || (HTTP.REQ.HEADER("User-Agent").CONTAINS("CitrixReceiver") && HTTP.REQ.HEADER("User-Agent").CONTAINS("iOS")) || (HTTP.REQ.HEADER("User-Agent").CONTAINS("CitrixReceiver") && HTTP.REQ.HEADER("User-Agent").CONTAINS("WindowsPhone"))

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...