Configuring Exclusion Rules

When second-level authentication is enabled in the farm, user connecting to it will have to go through it before they can use published resources. If needed, you can exclude select client computers from this requirement and let them authenticate through Active Directory only.

Exclusions rules can be specified in the Exclusion section of the Second Level Authentication tab as described below.

To exclude client IP addresses:

1. Select the Client IP exclude lit option and click Configure.
2. Click Tasks > Add and then specify a single IP address or a range of addresses.
3. Click OK.
4. Add additional IP addresses if needed.
5. When done, click OK to return to the Second Level Authentication tab.

To exclude client MAC addresses:

1. Select the Client MAC exclude list option and click Configure.
2. Click the Add button and select a client MAC address from the list. You can also specify a MAC address range using double question marks as a wildcard in any part of the address. For example, 00-14-22-01-23-??, 00-14-22-01-??-??, or 00-14-22-??-??-??.

To exclude gateway IP addresses:

1. Select the Connection to the following Gateway IPs option.
2. Type a gateway IP address or expand the drop-down list and select one or more IP addresses from the list. Click the plus sign icon to add the available gateways to the list.
3. Click OK to save the selection and close the dialog. The IP addresses will appear in the Connection to the following Gateway IPs edit box.