Citrix ADC / NetScaler Client IP or Subnet Black and Whitelist

Published by Jeroen Tielen on

Because of all the commotion about the NetScaler vulnerability, I decided to share my Client IP black and white list. This script will create a patternset which you can fill with IPs or subnets.

This patternset is used in a policy expression which is used in a responder policy.

You can add individual IPs in the format 192.168.2.57/32 or subnets in the format 192.168.2.57/28. The expression only filters on subnets from /32 to /24. If you want more, just change the expression.

You can bind the responder policies against any vserver or globally 😉 But don’t shut yourself out 😛

Note 1: The defaults are just examples; you need to fill in the public IPs which you want to block/whitelist.
Note 2: Hackers use other IPs or use VPNs, so this is not a 100% safe solution, just an extra step.
Note 3: I’m not responsible for any damage 😉
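A pre-flight check for the list entries before they go into the patternset, as an added Python example (not the author's NetScaler script): it rejects entries outside the /32 to /24 range the expression covers and reports which admin addresses would be denied, so you do not shut yourself out. Assumptions: an entry with host bits set, such as 192.168.2.57/28, is treated as the network containing that address; the blacklist policy denies matches and a non-empty whitelist denies everything else; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Prefix lengths the page says the expression tests: /32 down to /24.
MIN_PREFIX, MAX_PREFIX = 24, 32

def parse_entries(entries):
    """Return (accepted, rejected) for pattern-set strings like 192.168.2.57/28."""
    accepted, rejected = [], []
    for raw in entries:
        text = raw.strip()
        addr, _, plen = text.partition("/")
        try:
            if not plen.isdigit():
                raise ValueError("expected address/prefix")
            # Assumption: host bits are allowed and mean "the network containing it".
            net = ipaddress.IPv4Network(f"{addr}/{plen}", strict=False)
        except ValueError as exc:
            rejected.append((raw, str(exc)))
            continue
        if MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
            accepted.append((text, net))
        else:
            rejected.append((raw, "prefix outside /24-/32, never tested"))
    return accepted, rejected

def matching_entries(client_ip, accepted):
    """List the entries that cover client_ip."""
    ip = ipaddress.IPv4Address(client_ip)
    return [text for text, net in accepted if ip in net]

def lockout_check(admin_ips, blacklist, whitelist):
    """Map each admin IP that would be denied to the reason.

    Assumption: the blacklist policy denies matches; a non-empty whitelist
    policy denies everything that does not match it.
    """
    black, _ = parse_entries(blacklist)
    white, _ = parse_entries(whitelist)
    denied = {}
    for ip in admin_ips:
        hits = matching_entries(ip, black)
        if hits:
            denied[ip] = "blacklisted by " + ", ".join(hits)
        elif white and not matching_entries(ip, white):
            denied[ip] = "not covered by whitelist"
    return denied

if __name__ == "__main__":
    # Constructed sample values (documentation ranges), not from the page.
    print(lockout_check(["203.0.113.10", "198.51.100.7"],
                        ["203.0.113.0/24"], ["198.51.100.7/32"]))
```

Run it against the addresses you administer the appliance from before binding the responder policies; an empty result means none of them would be denied under the stated assumptions.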

 

 

