Will_33786
Apr 16, 2015

How do I record the IP assigned to a client after login?

Hello,

I need to record the clients' IP address assigned by network access. I searched on AskF5, and it looks like the variable "session.assigned.clientip" is what I need. So I tried to use an iRule to get it, but failed.

Here is my iRule:

when ACCESS_SESSION_STARTED  {
  set user   [ACCESS::session data get "session.logon.last.username"]
  set client [IP::client_addr]
  set assignip [ACCESS::session data get "session.assigned.clientip"]

  log local0. "LOGON:$user login successful from $client, assigned $assignip"
}

I have tried other events like ACCESS_POLICY_AGENT_EVENT and ACCESS_POLICY_COMPLETED, but they haven't worked either. Does anyone know how I can log the clients' IP address assigned by network access? I would appreciate it!

  • Will_33786

    Thank you kunjan. I saw this article. But it just applies to versions prior to 10.2.2. And according to the article, "BIG-IP APM does not populate the session.assigned.clientip session variable until access policy processing is completed", I tried event ACCESS_POLICY_COMPLETED; it's supposed to work.
  • kunjan

    I think the solution is still applicable, as there is no change to the process: the PPP tunnel has to be up for this, which happens after ACCESS_POLICY_COMPLETED.

    • Will_33786
      John's answer has solved this question perfectly. Thanks nonetheless!
  • John_Alam_45640
    Historic F5 Account

    The VPN address is assigned after the APM policy is completed. Use an iRule to detect the VPN startup URI and then wait a few seconds before querying session.assigned.clientip.

    when CLIENT_ACCEPTED {
        ACCESS::restrict_irule_events disable
    }
    when HTTP_REQUEST {
        if { [HTTP::uri] starts_with "/myvpn?sess=" } {
            after 5000 { log local0. "VPN started for [ACCESS::session data get session.logon.last.username] from IP [IP::client_addr] assigned client IP [ACCESS::session data get session.assigned.clientip]"}
        }
    }
    
    • Will_33786
      Hi John. Your solution works! It's exactly what I want. You just gave me a big help. Thank you!
    • DevBabu

      Has the URI changed in version 12.1.3.4? I am running 12.1.3.4 and couldn't catch that URI /myvpn?sess=.

      When I did URI logging, I saw the URI /isession?sess= and I could get the session.assigned.clientip.

      So, my rule looks like:

      when CLIENT_ACCEPTED {
          ACCESS::restrict_irule_events disable
      }
      when HTTP_REQUEST {
          if { [HTTP::uri] starts_with "/isession?sess=" } {
              after 5000 { log local0. "VPN started for [ACCESS::session data get session.logon.last.username] from IP [IP::client_addr] assigned client IP [ACCESS::session data get session.assigned.clientip]"}
          }
      }
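
Added example, not part of any post in this thread: a Python sketch that parses the log lines written by the iRules above into user / source IP / assigned VPN IP records, flags entries where session.assigned.clientip was still empty when the 5-second timer fired, and answers "who was last assigned this tunnel address before time T". The syslog prefix, the rule name vpn_ip_log, the sample users and addresses, and the function names are assumptions; only the message text after the event tag comes from the thread.

```python
import re
from datetime import datetime

# Constructed sample lines. The syslog prefix (timestamp, host, tmm tag, rule
# name) is an assumed /var/log/ltm layout; only the message text after the
# event tag matches what the iRules in this thread log.
SAMPLE_LOG = """\
Apr 16 10:15:02 bigip1 info tmm[12345]: Rule /Common/vpn_ip_log <HTTP_REQUEST>: VPN started for alice from IP 203.0.113.7 assigned client IP 10.10.1.5
Apr 16 10:20:41 bigip1 info tmm[12345]: Rule /Common/vpn_ip_log <HTTP_REQUEST>: VPN started for bob from IP 198.51.100.23 assigned client IP
Apr 16 11:02:10 bigip1 info tmm1[12345]: Rule /Common/vpn_ip_log <HTTP_REQUEST>: VPN started for carol from IP 192.0.2.44 assigned client IP 10.10.1.5
Apr 16 11:05:00 bigip1 info tmm[12345]: Rule /Common/other <HTTP_REQUEST>: unrelated message
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) .*?"
    r"VPN started for (?P<user>.*?) from IP (?P<src>\S+) "
    r"assigned client IP\s*(?P<vpn>\S*)\s*$"
)

def parse_assignments(text, year):
    """Return (records, missing): entries with a VPN IP, and entries logged without one."""
    records, missing = [], []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a line produced by the logging iRule
        # Classic syslog timestamps carry no year, so the caller supplies it.
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        rec = {"time": when, "user": m["user"], "src": m["src"], "vpn": m["vpn"]}
        # An empty address means the variable was not yet populated when logged.
        (records if rec["vpn"] else missing).append(rec)
    return records, missing

def who_had(records, vpn_ip, when):
    """Most recent record assigning vpn_ip at or before `when`, or None."""
    # Pool addresses are reused and the iRule logs no session end, so this is
    # the last known assignment, not proof the tunnel was still up.
    hits = [r for r in records if r["vpn"] == vpn_ip and r["time"] <= when]
    return max(hits, key=lambda r: r["time"]) if hits else None

if __name__ == "__main__":
    recs, missing = parse_assignments(SAMPLE_LOG, 2015)
    for r in missing:
        print(f"no assigned IP logged for {r['user']} from {r['src']} at {r['time']}")
    hit = who_had(recs, "10.10.1.5", datetime(2015, 4, 16, 11, 30))
    print(f"10.10.1.5 at 11:30 -> {hit['user']} (external {hit['src']})")
```

Entries that land in `missing` are the ones to follow up on: they show the timer fired before the tunnel address was available, so that login has no tunnel address on record.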