Forum Discussion

8 Replies

  • Yep, the best method is by user agent string and the allowance of the OS for MAC's.



    session.os.platform == "MacOS" OR


    session.os.platform == "Mac OS" OR


    session.os.platform == "MacOSX"



    Add this UAS string *iPad* into the new browser config and set it to like WAP or something. At this point, set a deny for all WAP devices.


  • Hi Mike thanks for your quick response , I'll appreciate if you can just point out this information on any F5 documents ? or guide reference if you know anyone ? Link ?



  • I don't know off hand. I guess you could just ask a support guy.


  • If you want to allow MAC's but block iPads, iPhones, iPod then one method I know which works is to analyse the session.browser.user_agent variable.





    If you are using the Check OS action you could add a new rule that will check for the session.browser.user_agent variable. Please remember that order does matter when defining rules. (i.e. if the rule session.os.platform is set to allow and the session.browser.user_agent is created below this rule and set to deny, an iPad will be presented with the FirePass logon screen. However if you put the session.browser.user_agent rule above the iPad will be denied)
  • Yeah, the problem with that is that you have to update the UAS everytime an update occurs. I would recommend placing a wildcard in the new browsers section to get set it to a specific OS and do allow/deny on that.
  • Hi Mike,



    Not sure I follow you when you mention 'new browsers section'? Are you saying create a new End User action? I'm always keen to use improved configuration methods hence my questions.



  • Go to the Admin Page -> Configuration -> New Browsers -> Classify the user agent by using wildcard *'s -> Associate the User Agent String to wap or something similar.



    In the Pre-logon sequence do an OS check for all WAP devices and choose deny.