Traffic script rule to request a client to Authenticate against an LDAP Authenticator

Brother_Fox
Occasional Contributor

Hello guys,

 

We are using vTM 19.2r2.

 

Question from my side: how do I create a TrafficScript rule to authenticate users/apps against LDAPS on port 636 and, depending on the answer from LDAP, grant or deny access to the backend SMTP server on port 25?

Can someone help with the TrafficScript rule, please?

ldarby
Moderator

Re: Traffic script rule to request a client to Authenticate against an LDAP Authenticator

 Hi Brother_Fox

 

Apologies for the lack of response here. If you haven't already found out, the way to do this is to configure the LDAP authenticator in Catalogs > Authenticators (and not System > Users > Authenticators). Then you can use the auth.query() function to query it with the user/password (and see the auth.query() docs for an example with HTTP), then probably connection.close("...") with the right SMTP syntax to reject connections.

 

This article might be helpful in extracting the user/password from SMTP traffic: https://community.pulsesecure.net/t5/Pulse-Secure-vADC/HowTo-Inspect-and-synchronize-SMTP/ta-p/29185.

 

If you need further assistance writing the TrafficScript then Pulse Secure can help, but this would be under a professional services engagement; please see https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44677.

 

Regards,

Laurence

Pulse Secure vADC Support (Acquired by Ivanti)
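
The decision logic described in the reply, as an added illustration that is not part of the original thread and is written in Python rather than TrafficScript: extract the user/password from an SMTP `AUTH PLAIN` command that carries its initial response, then choose the SMTP reply to send. The `check` callable is a hypothetical stand-in for the authenticator lookup (the role auth.query() plays on the vTM), the function names are assumptions, and the sample credentials are constructed.

```python
import base64
import binascii


def parse_auth_plain(line: bytes):
    """Return (user, password) from 'AUTH PLAIN <base64>', or None if malformed."""
    parts = line.strip().split()
    if len(parts) != 3 or parts[0].upper() != b"AUTH" or parts[1].upper() != b"PLAIN":
        return None
    try:
        raw = base64.b64decode(parts[2], validate=True)
    except (binascii.Error, ValueError):
        return None
    # RFC 4616 message layout: authzid NUL authcid NUL passwd
    fields = raw.split(b"\x00")
    if len(fields) != 3:
        return None
    try:
        return fields[1].decode("utf-8"), fields[2].decode("utf-8")
    except UnicodeDecodeError:
        return None


def smtp_auth_reply(line: bytes, check) -> bytes:
    """Map the outcome of check(user, password) to an SMTP AUTH reply (RFC 4954)."""
    creds = parse_auth_plain(line)
    if creds is None:
        return b"501 5.5.2 Cannot decode AUTH response\r\n"
    user, password = creds
    # An LDAP simple bind with an empty password is an unauthenticated bind and
    # may succeed (RFC 4513 section 5.1.2), so refuse it before any lookup.
    if not user or not password:
        return b"535 5.7.8 Authentication credentials invalid\r\n"
    try:
        ok = check(user, password)
    except Exception:
        # Directory unreachable or misconfigured: fail closed with a temporary error.
        return b"454 4.7.0 Temporary authentication failure\r\n"
    if ok:
        return b"235 2.7.0 Authentication successful\r\n"
    return b"535 5.7.8 Authentication credentials invalid\r\n"


if __name__ == "__main__":
    # Constructed sample: base64 of b"\x00alice\x00s3cret"
    sample = b"AUTH PLAIN AGFsaWNlAHMzY3JldA==\r\n"
    print(smtp_auth_reply(sample, lambda u, p: (u, p) == ("alice", "s3cret")))
```

The 535 and 454 replies are the strings a rule would pass to connection.close("...") when rejecting the client.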