Applies To:Show Versions
- 17.0.0, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Overview: Access Policies for F5 Access
About access policy branches for F5 Access
- Create an access policy usingClient-Side Capability. This provides a branch for clients that do not support client-side checks. Assign authentication and a network access resource to this branch.
- Use an existing access policy with client-side checks. The macOS client will fail to the fallback branch of the first client-side check, if the logon mode is native. If the logon mode is Web Logon, user interaction is required to proceed with the fallback branch. Assign authentication and a network access resource to the fallback branch.
- Add aClient OSAccess Policy item, and assign authentication and resources to themacOSbranch.
Access policy item
Configuring an access policy for F5 Access for macOS
- On the Main tab, click.The Access Profiles List screen opens
- ClickCreate.The New Profile screen opens.
- In theNamefield, type a name for the access profile.An access profile name must be unique among all access profile and any per-request policy names.
- From theProfile Typelist, selectSSL-VPN.Additional settings display.
- From the Profile Scope list, retain the default value or select another.
- Profile:Gives a user access only to resources that are behind the same access profile. This is the default value.
- Virtual Server:Gives a user access only to resources that are behind the same virtual server.
- Global:Gives a user access to resources behind any access profile that has global scope.
- In the Language Settings area, add and remove accepted languages, and set the default language.A browser uses the highest priority accepted language. If no browser language matches the accepted languages list, the browser uses the default language.
- Click the name of the access profile for which you want to edit the access policy.The properties screen opens for the profile you want to edit.
- Click theAccess Policytab.
- In the General Properties area, click theEdit Access Policy for Profileprofile_namelink.The visual policy editor opens the access policy in a separate screen.
- ClickAdd Item.The screen is not active while the visual policy editor creates the action. The screen closes and a Properties screen displays.
- Click the Endpoint Security (Server-Side) tab, and select Client OS.
- On the MacOS branch, clickAdd Item.
- Click the Endpoint Security (Server-Side) tab, and select Client Type.
- On the F5 Access branch, add the authentication and resource actions you require. For example, add a Logon Page, Client Certificate, and Resource Assign actions.
- When you have finished configuring the access policy, clickApply Access Policy.