Scenario: A Citrix Administrator suspects an attack on a load-balancing vServer (IP address 192.168.100.25). The administrator needs to restrict access to this vServer for 10 minutes.
Which Access Control List (ACL) will accomplish this?
Scenario: A Citrix Administrator suspects an attack on a load-balancing vServer (IP address 192.168.100.25). The administrator needs to restrict access to this vServer for 10 minutes.
Which Access Control List (ACL) will accomplish this?
To restrict access to a load-balancing vServer for 10 minutes, the correct action is to use an ACL with a Time-to-Live (TTL) of 600 seconds, since 10 minutes equals 600 seconds. The correct IP field should be the source IP (srcIP), not the destination IP. Therefore, the appropriate ACL command would be: add simpleacl rule1 DENY -srcIP 192.168.100.25 -TTL 600.
https://docs.citrix.com/en-us/citrix-adc/current-release/networking/access-control-lists-acls/extended-acls-and-extended-acl6s.html
Answer B https://docs.netscaler.com/en-us/citrix-adc/current-release/networking/access-control-lists-acls.html "If both simple and extended ACLs are configured, incoming packets are compared to the simple ACLs first."
Sorry by mistake. -srcIP it´s correct
First the parameter is in seconds then 10 min = 600 sec, and then SrcIp its correct
add ns acl rule1: This adds a new ACL rule with the name "rule1." DENY: This specifies that the action for this rule is to deny access. -destIP 192.168.100.25: This sets the destination IP address to 192.168.100.25, meaning it restricts access to this specific IP address. -TTL 600: This sets the Time-to-Live (TTL) for the rule to 600 seconds, which is equivalent to 10 minutes.
TTL is in seconds. https://docs.netscaler.com/en-us/citrix-adc/current-release/networking/access-control-lists-acls/simple-acls-and-simple-acl6s