Path: System > Device List or Group List > Device Name or Group Name > Configuration > Access Control Evaluate
Figure 211
This page lets you evaluate the currently active access control policies on the cache device.
Evaluate Details: The fields in this section let you set up a sample new connection or user request to be evaluated.
Source: This is the source IP address and port number you want the system to evaluate as though it were part of a new connection or user request.
X-Forwarded-For: This is the X-Forwarded-For IP address you want the system to evaluate as though it were part of a new connection or user request.
Incoming: This is the device IP address and port number you want the system to evaluate as though it were receiving the request.
Host: This is the host IP address and port number you want the system to evaluate as though it were the target of the request.
URL: This is the URL you want the system to check access for.
User Name: This is the name you want the system to evaluate as though it belonged to an authenticated user.
User Membership Insert: This section lets you specify the names of LDAP or NTLM groups, NTLM Domains, or authentication profiles the system should include for testing user request access. The test will assume that the designated user is authenticated to one or more of these groups, Domains, or profiles.
Name: This is the name of the group, profile, or domain you are inserting in the User Membership List.
Type: This lets you select the type of membership you are inserting in the list.
User Membership List: This list the memberships you have inserted.
Name: This shows the names of the groups, authentication profiles, or NTLM Domains you inserted.
Type: This shows the type of membership for each name you inserted.
Delete: To delete a list item, select the item and click this button.
OK: Click this to evaluate the set of conditions you have specified against the Access Control policies you have created on the device.
Cancel: Click this to leave the policy evaluation screen.
View Policy Evaluation
Path: System > Device List or Group List > Device Name or Group Name > Configuration > Access Control Evaluate > OK
Figure 212
Evaluate Details: The fields in this section let you set up a sample new connection or user request to be evaluated.
Source: This is the source IP address and port number you asked the system to evaluate as though it were part of a new connection or user request.
X-Forwarded-For: This is the X-Forwarded-For IP address you asked the system to evaluate as though it were part of a new connection or user request.
Incoming: This is the device IP address and port number you asked the system to evaluate as though it were receiving the request.
Host: This is the host IP address and port number you asked the system to evaluate as though it were the target of the request.
URL: This is the URL you asked the system to check access for.
User Name: This is the name you asked the system to evaluate as though it belonged to an authenticated user.
User Membership List: This lists the memberships you inserted.
Name: This shows the names of the groups, authentication profiles, or NTLM Domains you inserted.
Type: This shows the type of membership for each name you inserted.
Trace:
Stage: New Connection
Action: Shows whether New Connection requests will be allowed or blocked by the current access controls.
Stage: User Request
Action: Shows whether User requests will be allowed or blocked by the current access controls.
OK: Click this to save changes and return to the previous page.
Cancel: Click this to discard changes and return to the previous page.
