How to Remove the “Skip Check” Option from Post-Authentication and nfactor EPA Scans

Run the following commands from NetScaler CLI for NetScaler 10.1 or 10.5:

add rewrite action SkipEPA_Action insert_before_all “http.RES.body(120000)” q/”nsversion=epaActiveX.getEPAVersion();” + “n”/ -search “text(“”if(epaActiveX.getEPAVersion()!= nsversion)”)” -comment SuppressSkipEPAScan

add rewrite policy SkipEPA_Pol “http.REq.URL.PATH_AND_QUERY.EQ(“/vpns/postepa.html”)” SkipEPA_Action -comment “Skip EPA Scan Policy”

bind vpn server <VPN VServer name here> -policy SkipEPA_Pol -priority 100 -gotoPriorityExpression END -type RESPONSE


If running NetScaler 11.x or 12.0, then use these CLI commands instead of the above:

add rewrite action SkipEPA_Action insert_before_all “HTTP.RES.BODY(120000).SET_TEXT_MODE(IGNORECASE)” q{“skipbutton.hide();”} -pattern “var left = $(“<div></div>”).addClass(‘left’);”

add rewrite policy SkipEPA_Pol “HTTP.REQ.URL.CONTAINS(“postepa_view.js”)” SkipEPA_Action

bind vpnvserver <VPN VServer name here> -policy SkipEPA_Pol -priority 10 -gotoPriorityExpression END -type RESPONSE

If running NetScaler 13.0 or 13.1, where you get a warning message “Warning: -pattern is deprecated and will be removed in release 13.1, use -search instead” then use these CLI commands :

add rewrite action SkipEPA_Action insert_before_all “HTTP.RES.BODY(120000).SET_TEXT_MODE(IGNORECASE)” “”skipbutton.hide();”” -search “regex(re~var left = \$\(“<div></div>”\).addClass\(‘left’\);~)”

add rewrite policy SkipEPA_Pol “HTTP.REQ.URL.CONTAINS(“postepa_view.js”)” SkipEPA_Action

bind vpnvserver <VPN VServer name here> -policy SkipEPA_Pol -priority 10 -gotoPriorityExpression END -type RESPONSE

Note that both sets of commands works upon a page which will be cached by both your browser and the NetScaler, so if it does not immediately work, clear your browser cache and clear the NetScaler’s cache. Note if IC is disabled, you may need to reboot the NS to clear the cache.

For RfWebUI theme:

  1. Append the below css style in /var/netscaler/logon/themes/<customTheme>/style.css.

#skipbutton {

display: none;

}

  1. Flush browser and ns cache for changes to reflect immediately. NS cache can be flushed using below command

flush cache contentgroup loginstaticobjects

Related:

  • No Related Posts

Leave a Reply