ProxySG Content Policy Language Guide
60
client.address=Tests the IP address of the client. The expression can include an IP address or subnet or the label of a
subnet definition block.
Important: If a user is explicitly proxied to the ProxySG, <Proxy> layer policy applies even if the
URL destination is an administrative URL for the ProxySG itself, and should therefore
also be covered under <Admin> layer policy. However, when the
client.address=trigger is used in an <Admin> layer, clients explicitly proxied to the
ProxySG appear to have their client IP address set to the IP address of the ProxySG.
Replaces: client_address=, acl=
Syntax
client.address=ip_address|subnet_label
where:
•ip_address—Client IP address or subnet specification; for example, 10.25.198.0/24.
•subnet_label—Label of a subnet definition block that binds a number of IP addresses or subnets.
Layer and Transaction Notes
• Can be used in all layers.
• Unavailable if the transaction is not associated with a client.
Examples
; Blacklisted workstation.
client.address=10.25.198.0 deny
; This example uses the client address to select the authentication realm for
; administration of the ProxySG.
<admin>
client.address=10.25.198.0/24 authenticate(LDAPRealm)
client.address=10.25.199.0/24 authenticate(NTLMRealm)
authenticate(LocalRealm) ; Everyone else
See Also
• Conditions: client.protocol=, proxy.address=, proxy.card=, proxy.port=
• Definitions: define subnet