cancel
Showing results for 
Search instead for 
Did you mean: 

Differences between expressions and conditions

Highlighted
Valued Contributor

Differences between expressions and conditions

Fairly new to the SSL VPN tool and trying to come up to speed on it. Working today with custom expressions for role mappings and noticed that the options for building a custom expression looked identical to the options for building a custom condition under Resource Policies, Detailed Rules.

I created a couple of custom expressions for testing role mapping and wondered what the logic was as to why the DON'T show up under the conditions dictionary when building detailed rules. As all of the operators and variables seemed the same I wondered why you could not use the same item in both places.

Thanks for anyone who can shed some light on a somewhat trivial question.







Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
1 REPLY 1
Highlighted
Super Contributor

Re: Differences between expressions and conditions

I had my first experience with conditions this week, so now I have an opinion. 

It certainly doesn't appear to make any sense for conditions and expressions to be separate.  One quirk about expressions is that they are associated with a authorization server.  If you change your authentication server, or add an authorization server, your existing expressions disappear even if they do not refer to any fields associated with the authorization server.

This sounds like something worth pressing Juniper on.