Forum Discussion

jornlux's avatar
jornlux
Icon for Nimbostratus rankNimbostratus
May 09, 2022

APM SSLVPN - ACL assignment fails

Hello folks, first post !

 

We have an SSLVPN configuration where we would like to use iRules to attach prebuilt ACLs to user sessions.

The user's group memberships in Azure AD should determine which ACLs to attach. Auth and SAML response/assertions are OK, that we have found from logs.

As per the manual, this can be achieved by utilizing one of the following events: ACCESS_ACL_ALLOWED, ACCESS_ACL_DENIED.

As it seems, though, these events are never raised. For troubleshooting purposes, we have implemented basic logging for the two with the following code, but neither produce any logs anywhere.

when ACCESS_ACL_ALLOWED {
	log local0. "Raised event ACCESS_ACL_ALLOWED"
}

when ACCESS_ACL_DENIED {
	log local0. "Raised event ACCESS_ACL_DENIED"
}

Are we completely off track?