When creating policies on the proxy where multiple IP addresses will be used to trigger a given policy, how to group those addresses so that only a single rule is required.
There are serveral methods that can be employed to configure a group of addresses, depending on whether you are using the visual policy manager or local/central policy.
In this example, the administrator of this ProxySG needs to allow a list of 5 client IP addresses (
10.126.28.252, 10.126.28.248, 10.126.28.240, 10.126.28.243 and 10.126.28.244) to download files with an extension of
In the management console, go to Policy > Policy files. To the right of 'Install local file from', select text editor from the drop-down menu. Click Install to access the text editor. Paste the following content policy language into the text editor
ALLOW condition=client.address=Development_users url.extension=msi
Writing Local policy with Content Policy Language,(CPL) can be somewhat faster than using the Visual Policy Manager. For more information on creating policies using CPL, see the Content Policy Language Reference for your version of SGOS.