Netscaler: Block Outlook Anywhere for external users

Responder Policy

Action: Reset
Expression: http.req.url.path.CONTAINS(“rpc”) && client.IP.SRC.IN_SUBNET(10.200.0.0/16).NOT

Bind it to exchange load balance vServer. This will block access to Exchange IIS “Rpc” virtual directory (Outlook Anywhere) for devices outside 10.200.0.0/16.

You can also go little beyond and create a pattern set and include

  1. owa
  2. rpc

and use the pattern set in the Responder Expression.

http.req.url.path.CONTAINS_ANY(“exch_ps”) && client.IP.SRC.IN_SUBNET(10.200.0.0/16).NOT

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s