Pulse Secure formerly SSL VPN
Showing results for 
Search instead for 
Do you mean 
Posts: 4
Registered: ‎08-19-2009
0 Kudos

restrict WSAM access by specific host

Hello all.  I am trying to restrict WSAM access to only check for the first octet and last octet.


Example:  Allow 10.0-255.0-255.94


Does anyone know how I can do this?  The syntax is not supported in the SAM ACL, but I was thinking that I could write a custom expression for this.


The goal is not to have to enter in all the host addresses for the 2nd & 3rd octet...which is alot of entries.


Any help would be appreciated.



Recognized Expert
Posts: 420
Registered: ‎03-24-2008
0 Kudos

Re: restrict WSAM access by specific host

Looks like what you want to do is not possible - you can't put a wildcard in the middle of a resource.


Any chance the devices you want to allow access to have or could have some sort of structured DNS names, like router-xxx-yyy.company.com, for a device at 10.xxx.yyy.1 ?  You could use a wildcard in the middle of the DNS name in the server specification for WSAM.



Posts: 4
Registered: ‎08-19-2009

Re: restrict WSAM access by specific host

[ Edited ]

Thanks Ken for the info.  Yes, I already knew about using DNS solution.  Unfortunately, the Juniper devices are not allowed to access DNS information due to company IT policy.


However, I have the solution.  Instead of changing the WSAM acl, you can make this happen by [User Roles > "Role Name" > SAM > Applications] and click on "Add Server".  The entry in the "* Server:" section will allow for all kinds of entries.


Here is an example:


The Juniper SA 4500 allows this and has been tested working as expected.


Pass the word along!

Message Edited by torraent on 08-25-2009 12:36 PM