Mike Smithson Posted February 20, 2023 Share Posted February 20, 2023 We currently have 2 separate EPA actions bound to auth 2 auth policies, one for Windows and one for macOS, both policies bound to a AAA vServer in a policy order Windows 100 --> NEXT ----> 110 Mac. We are using User-Agent header contain "Win" on the Window EPA auth policy in an attempt to only apply the Windows EPA scans to Windows, mac EPA auth policy has Agent header contain "mac" to apply to macOS. We appear to be getting inconsistent results. Is this the best method to approach this challenge? Link to comment Share on other sites More sharing options...
Steven Wright Posted February 22, 2023 Share Posted February 22, 2023 I would likely have written a single expression that did both. Perhaps something similar to: (CLIENT.OS(MacOS).VERSION == 10.13 && (CLIENT.APPLICATION('MAC-ANTIVIR_100021_0') EXISTS) || (CLIENT.OS(WIN8.1) EXISTS) && (CLIENT.APPLICATION(ANTIVIR_0_0_RTP_==_TRUE) EXISTS)First, the check will determine if the client has MacOS version 10.13 or above and a version of AV. Second, the check will identify if the client has Windows 8.1 and any version of AV. If either the first or second group of checks passes the EPA scan will return success. Link to comment Share on other sites More sharing options...
Anchala Bansal Posted February 24, 2023 Share Posted February 24, 2023 You can as well refer to following article which has detailed steps:- https://docs.citrix.com/en-us/citrix-adc/current-release/aaa-tm/configure-preauth-epa-scan-as-factor-in-nfactor.html Link to comment Share on other sites More sharing options...
Terry Hooper Posted March 28, 2023 Share Posted March 28, 2023 I'd also suggest reviewing the following article related to troubleshooting https://support.citrix.com/article/CTX209148/understanding-and-configuring-epa-verbose-logging-on-citrix-gateway as this will allow you to perform your own testing whilst reviewing the client EPA logs. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now