Forum Discussion

tacticman_89870's avatar
tacticman_89870
Icon for Nimbostratus rankNimbostratus
Jan 13, 2009

build new portal or new security without any risks ?

Hello all,

 

 

i am a new Firepass administrator. We often have to change pre-logon sequence and portal view and we only have one appliance.

 

 

Do you know how i can do that and test from outside before giving access to users.

 

 

I want to know if it's possible to use URI to have differents configuration that i can move ?

 

 

for users, we use : https://f5forusers.mycompany.com/ and i would like to check my changes on https://f5forusers.mycompany.com/development

 

 

Thank you

4 Replies

  • I have not seen a way to apply a pre-logon sequence to a specific landing.

     

  • Justin_Hayes_10's avatar
    Justin_Hayes_10
    Historic F5 Account
    The best way to test a pre-login sequence in a production environment is to set the very first check to be something obscure/unique/impossible for a normal user to meet and then set the fallback end page to Logon Allowed.

     

     

    This will allow you to set your test machine to meet the obscure condition (made-up registry keys are probably the easiest) and therefore traverse the more complex portion of the pre-login sequence that you're looking to test out.
  • Hi,

     

     

    I agree that a dummy check up front is probably the easiest and quickest way to do this also. However, there may be something else you can try. In your PreLogon Sequence, insert a new action as per normal. When the right hand pane opens with the list of inspectors you can choose from, select "New action" from the "Using" drop down list box second from the top and hit "Apply Changes". Now click on the "New Action" inspector and give it a name (like Check URI) and description and hit update. Now, to the right of your new action select the + symbol (with the ^ above and below) to allow you to insert a new rule. Give the rule a name like "development" (in your case) and for the rule enter session.network.server.land_uri == "/development" and hit "Insert rule". This should then allow you to branch the PreLogon sequence based on the landing URI (as you requested). Just a tip though, i'm not 100% sure it will be /development or just development so please play around with it to make it work for you.

     

     

    Just a final tip, you can enable Session Variable Dump under Device Management -> Maintenance -> Troubleshooting Tools. What this does is allow you to see the session variables created during the logon process when the select the user account under Reports -> Logons for the purposes of troubleshooting.

     

     

    Good luck!

     

     

    Cheers,

     

    Mal