The rewriting policy defines how the PCS (Pulse Connect Secure) will handle web traffic. By default, there is an Initial Rewrite Policy configured to rewrite all web traffic. To verify that the rewrite policy is defined correctly, log into the PCS as an Administrator. Navigate to: Resource Policies > Web > Selective Rewriting.
Select the policy to verify. In the policy there are several options that need to be checked.
- The first option is Resources.
Verify that the resource listed is defined correctly. Resource policies are defined in the following manner:
For more information on how to specify a resource policy, consult the Resource Policy section of the Administration Guide for your version of PCS.
[protocol]://<hostname or IP address>:[port(s)]/[path]
With all versions, you have the option to use Detailed Rules. For more instructions on using detailed rules, consult the Writing a Detailed Rule section of the Administration Guide for your version of PCS.
- The next option to check is the Roles section.
This section defines which roles the policy applies to. Verify that the role used is included in this section of the policy.
- The last option is the Action section.
This section defines how the IVE handles web requests. There were a couple additional options added to this section in version 5.2 and higher.
- The options for 5.1 and below are:
With 5.1 and lower, you only have two options: Rewrite the Content and Don't Rewrite the Content.
- The options for 5.2 and higher are:
With 5.2 and higher, you have the option to:
- The options for Don't Rewrite Content:
- The first option is to Don't Rewrite Content: Redirect to the target web server. This option is if you don't want the IVE to rewrite the content, and the IVE can redirect the traffic to the target web server that is accessible from the internet. If this option is selected, and the web page requested needs to access resources on the internal side of the network, the user will get an error because the IVE is not passing the traffic internally, it is just redirecting the traffic externally.
- The second option is to Don't Rewrite Content: Do Not Redirect to Target Web Server. This option will not rewrite the content and not redirect the requests externally, but to internal web servers hosting the sites.