F5 APM EMAIL Alert : failed VPN connection

imabbas_90 · ‎13-Jul-2023

Hello All,

I need a solution for APM VPE editor Macros for the below. any help on this would be much helpful

Actually, when the user fails to log in to the VPN they should receive an email with due to what reason they failed to log in.

reasons might be like this.

1 pass 0 fail

=====================================================================================

Subject: F5 VPN session failed: session ID

Message:

Hello User: username,

Your VPN session failed.

1. Certificate check: 1

2. MFA : 0 or 1

3. AV check: 1 or 0

4. Firewall check: 1:0

5. AD Auth: 1 or 0

Your session has failed due to the above reason where it's mentioned as 0.

Kindly get in touch Network administrator to get the issue fixed.

To self troubleshoot click on the link: SNOW KB link.

===============================================================================================

TIA

KeesvandenBos · ‎15-Jul-2023

Hi,

Create a macro to send the email. In the body use %{custom.session.failure} to show the message.
In your main policy insert a variable assign after every failure branch. Variable is custom.session.failure, Text is "error message for the failure"
So for Certificate check, after the failed branch the custom.session.failure text will be: Certificate Check Failed.

Insert the send email macro after every variable assign (failed branch).

I have a question, how do you know the email address of a user if any of the test fail before you get their email address via AD Auth or Certiciate check?

Cheers,
Kees

DevCentral

F5 APM EMAIL Alert : failed VPN connection

MFA required on DevCentral