Scenario: A Citrix Administrator needs to implement a Content Filter policy to ensure the following conditions are met:
• The user with source IP 10.100.32.211 should NOT be allowed to access the vserver 10.10.10.1.
• All other users from subnet 10.100.32.0/24 should have access to the vserver 10.10.10.1.
• Access to the vserver should be blocked for all the other users.
Which policy expression will meet this requirement if the policy action is RESET and the policy is bound to the server (VIP: 10.10.10.1)?
A. REQ.IP.SOURCEIP != 10.100.32.211 || REQ.IP.SOURCEIP != 10.100.32.211 -netmask 255.255.255.0
B. REQ.IP.SOURCEIP = = 10.100.32.211 || REQ.IP.SOURCEIP != 10.100.32.0 -netmask 255.255.255.0
C. REQ.IP.SOURCEIP != 10.100.32.211 && REQ.IP.SOURCEIP = = 10.100.32.0 -netmask 255.255.255.0
D. REQ.IP.SOURCEIP = = 10.100.32.211 && REQ.IP.SOURCEIP != 10.100.32.0 -netmask 255.255.255.0
Action is RESET, so B.
RESERT if IP.SRC is 10.100.32.211 or IP.SRC is not in 10.100.32.0/24
c
https://support.citrix.com/article/CTX208695
== to allow
block 1=
https://discussions.citrix.com/topic/253519-restrict-access-to-virtual-server-website-by-subnet/
https://support.citrix.com/article/CTX208695 doesn’t support C, it references AA group + subnet as a filter, which isn’t an option here.
C
Agree! B
Correct Answer is B