Forum Discussion
CirrocumulusGetting basic auth prompt before apm logon page event
A quick update.
Latest rule is not correct, pasted the wrong one from the clipboard.
Here the latest.
when HTTP_REQUEST {
if { [IP::addr [IP::client_addr] equals "10.0.0.0/8"] or [IP::addr [IP::client_addr] equals "192.168.0.0/16"] or [IP::addr [IP::client_addr] equals "172.16.0.0/12"] } {
if { [ACCESS::session data get session.ntlm.last.result] eq 1 } {
ECA::disable
} else {
ECA::enable
ECA::select select_ntlm:/Common/ntlm_profile
#log local0. "eca enabled"
}
} else {
ECA::disable
#log local0. "RFC1918 ECA disable"
}
}
MVPCan you share the config / iRule(s) you are using?
Usually, when something seems off with iRules, I try to add logging and take a look at this reference:
It shows iRules HTTP and ACCESS event order.
Cirrocumuluswhen HTTP_REQUEST {
if { [ACCESS::session data get session.ntlm.last.result] eq 1 } {
ECA::disable
} else {
ECA::enable
ECA::select select_ntlm:/Common/ntlm_config
}
}
This the one used now, but want to try and change it to this instead.
when HTTP_REQUEST {
if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] or [IP::addr [IP::client_addr] equals 192.168.0.0/16] or [IP::addr [IP::client_addr] equals 172.16.0.0/12] } {
ECA::disable
}
elseif { [ACCESS::session data get session.ntlm.last.result] eq 1 } {
ECA::disable
}
else {
ECA::enable
ECA::select select_ntlm:/Common/ntlm_config
}
}
