F5 APM CLIENT SECURITY MAC ADDRESS
Our objective was we have list of mac address’s of our corparate systems in a text file lik below.
00:19:DB:DC:3E:8F 00:1D:92:47:75:EF
we need to check the user system mac address at the time of login ssl vpn , if user system mac address match with the list, then we allow for resource assign.
We go to use below irules for that.
when ACCESS_POLICY_AGENT_EVENT { switch [ACCESS::policy agent_id] { "Your_iRule_event_name" { set Client_MAC "[ACCESS::session data get session.client.mac_address]"; if { [class match $Client_MAC equals mac-datagroup] } { ACCESS::session data set session.custom.mac_accepted 1 } } } }
We need clarifications on below points
- Which type of data group should be used internal or external?
- In data group how format we enter the data. (00:1D:92:47:75:EF or mac := 00:1D:92:47:75:EF)
- In which column String or Value we need to enter Mac address.
- In VPC what is value we need to enter on Custom iRule Event Agent ID
-
Which type of data group should be used internal or external?
-
In data group how format we enter the data. (00:1D:92:47:75:EF or mac := 00:1D:92:47:75:EF)
-
In which column String or Value we need to enter Mac address.
-
In VPC what is value we need to enter on Custom iRule Event Agent ID
-