Netscaler: Block Outlook Anywhere for external users

Responder Policy

Action: Reset
Expression: http.req.url.path.CONTAINS(“rpc”) && client.IP.SRC.IN_SUBNET(10.200.0.0/16).NOT
Bind it to exchange load balance vServer. This will block access to Exchange IIS “Rpc” virtual directory (Outlook Anywhere) for devices outside 10.200.0.0/16.
You can also go little beyond and create a pattern set and include

  1. owa
  2. rpc

and use the pattern set in the Responder Expression.
http.req.url.path.CONTAINS_ANY(“exch_ps”) && client.IP.SRC.IN_SUBNET(10.200.0.0/16).NOT

Leave a comment

Your email address will not be published. Required fields are marked *

WordPress Appliance - Powered by TurnKey Linux