Netscaler 10.1 Client IP Addresses - Assign specific pools for different User Groups

Hi EE,

We've been running Netscaler 10.1 for a few months now. We have Universal Licenses installed allowing VPN which works beautifully. All connecting clients get a Client IP in a 192.168.29.0/24 subnet currently. I'm looking for a way to carve this up to give specific users specific IP Pools - think Power Users or IT Admins requiring different firewall policies to be applied.

I know the numbers are wrong here but something logically like this:
Standard user: 192.168.29.1-128
User Group X: 192.168.29.129-160
User Group Y: 192.168.29.161-200

Ideally this would be applied based based on the Security Group membership of the user.

I'm far from expert with Netscaler but have become comfortable enough to find my way around it, any suggestions would be greatly appreciated!

Thank you,

Adam
LVL 2
aroddickAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

compdigit44Commented:
The following article shows how to assign a IP range to a user or group but I am testing this in my lab and do not see where in the vserver to define which group get an IP block.... I bet it is sometype of added policy to check the user account attributes when they log in.


http://support.citrix.com/proddocs/topic/netscaler-gateway-105/ng-plugin-ip-pooling-config-tsk.html

Good Luck
0
compdigit44Commented:
I am wonder if a responder policy could do this????
0
aroddickAuthor Commented:
Couldn't quite get this to provide different IP Pools for different users or user groups. We ended up talking to our firewall manufacturer Palo Alto who was able to provide syslog integration with the Netscaler. This let us apply user based policies on the firewall instead of IP based rules which meets our needs quite nicely.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
aroddickAuthor Commented:
Described in my comment.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Citrix

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.