Redirect user traffic based on TLS version

book

Article ID: 170631

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

In some instances you may want to redirect certain user traffic instead of disabling a lower level TLS versions (eg TLS version  1.0)
The Visual Policy Manager does not contain this functionality however it is possible to write this policy in CPL

Resolution

<proxy>
action.EXAMPLEREDIRECT(yes)  client.connection.negotiated_ssl_version=TLSV1

define action EXAMPLEREDIRECT
  redirect( 302, ".*", "www.example.com" )
end