Manual Chapter :
About access policy endings
Applies To:
Show VersionsBIG-IP APM
- 15.0.1, 15.0.0
About access policy endings
An ending provides a result for an access policy branch. An ending for an access policy branch can be one
of three types.
- Allow
- Starts the SSL VPN session and loads assigned resources and a webtop, if assigned, for the user. Typically, you assign this when the user passes specific checks.
- Deny
- Disallows the SSL VPN session and shows the user an access denied web page. Typically, you assign this when the user does not have access to resources, or fails authentication. Alternatively after a session starts, shows a URL filter denied web page after a per-request policy rejects a request for a URL.
- Redirect
- Redirects the client to the URL specified in the ending configuration. You can define a redirect URL for each redirect ending. Typically, you can assign a redirect when the user requires remediation or a separate resource. For example, a user who fails the antivirus check because virus definitions are out of date can be redirected to the software manufacturer's site to get an antivirus update.