Forum Discussion
Nikoolayy1
Apr 22, 2021MVP
You can use the "ACCESS_POLICY_AGENT_EVENT" so that one time during the policy check before the network resource is assigned you can check the client IP address and set a custom variable after that use an General purpose “empty” object and make a branch rule to check if for example "expr { [mcget {session.vpn.private}] == "1" }" and make so that if the customer is in the private IP range then to not assign a "Network_access" object.
https://clouddocs.f5.com/api/irules/ACCESS_POLICY_AGENT_EVENT.html