Documentation

 

 

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
borderColor#145570
bgColorwhite
titleColorwhite
titleBGColor#145570
titleConfiguration Steps
Section
Column
width50%

Column
width50%


 

1. In the IIS window, select the SecureAuth IdP realm from the tree view pane

2. On the target pane, double-click the URL Rewrite icon

Panel
borderColor#126591
bgColorwhite
titleColorwhite
titleBGColor#126591
titleURL Rewrite
Section
Column
width50%

Column
width50%


 

3. On the URL Rewrite pane, on the Actions section in the upper right corner, click Add Rule(s) to create the first rule (i.e. to allow internal access to remain on this realm)

Panel
borderColor#3e7fa0
bgColorwhite
titleColorwhite
titleBGColor#3e7fa0
titleAdd Request Blocking Rule
Section
Column
width50%

Column
width50%


 

4. In the Add Request Blocking Rule dialog, select IP Address from the Block access based on dropdown

5. Select Matches the Pattern from the Block request that dropdown

6. Enter the first internal Pattern (IP Address) to allow, using " * " (dot asterisk) to enable a wildcard

7. Select Wildcards from the Using dropdown, if enabling wildcards

8. Click OK

Panel
borderColor#126591
bgColorwhite
titleColorwhite
titleBGColor#126591
titleEdit Inbound Rule
Section
Column
width50%

Column
width50%


 

9. Double-click the newly created rule to edit the settings for that rule

10. On the Edit Inbound Rule pane, click Add to add another IP address to the internally allowed list

11. In the Add Condition dialog, specify {REMOTE_ADDR} as the Condition input

12. Select Matches the Pattern from the Check if input string dropdown

13. Enter the Pattern and test it to verify it works

14. Click OK

Section
Column
width50%

Column
width50%


 

15. After adding all the internally allowed IP Addresses to the Conditions list, select Match Any from the Logical grouping dropdown

16. In the Action section, select None from the Action type dropdown

17. Enable Stop processing of subsequent rules

18. On the Actions section in the upper right corner, click Apply

19. Click Back to Rules

20. On the rules pane, click Add Rule(s) to add the next rule (to redirect external traffic)

Panel
borderColor#3e7fa0
bgColorwhite
titleColorwhite
titleBGColor#3e7fa0
titleAdd Blocking Request Rule
Section
Column
width50%

Column
width50%


 

21. In the Add Request Blocking Rule dialog, select IP Address from the Block access based on dropdown

22. Select Matches the Pattern from the Block request that dropdown

23. Enter the first internal Pattern (IP Address) to allow, using " " (asterisk) to enable a wildcard

24. Select Wildcards from the Using dropdown, if enabling wildcards

25. Click OK

Section
Column
width50%

Column
width50%


 

26. Double-click the newly created rule to edit the settings for that rule

27. On the Edit Inbound Rule pane, in the Action Properties frame, enter the Redirect URL (external realm)

28. If this realm is set for SAML 2.0 SP Initiated by POST, then select Temporary (307) from the Redirect type dropdown – this setting must be made in order to preserve the POST data

29. On the Actions section, click Apply

Section
Column
width50%

Column
width50%


 

30. Click Back to Rules to view the newly-created rule – there should now be two rules created, each of which can be given a more descriptive name for better identification

...

Panel
borderColor#145570
bgColorwhite
titleColorwhite
titleBGColor#145570
titleRelated Topics