Manual Chapter : Common Elements for a connectivity profile

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 14.0.1, 14.0.0
Manual Chapter

Common Elements for a connectivity profile

  1. On the Main tab, click
    Access
    Connectivity / VPN
    Connectivity
    Profiles
    .
    A list of connectivity profiles displays.
  2. Click
    Add
    .
    The Create New Connectivity Profile popup screen opens and displays General Settings.
  3. On the Main tab, click
    Access
    Connectivity / VPN
    Connectivity
    Client Downloads
    .
    A list of available client downloads displays.
  4. Select the connectivity profile that you want to update and click
    Edit Profile
    .
    The Edit Connectivity Profile popup screen opens and displays General Settings.
  5. Select a connectivity profile.
  6. Type a
    Profile Name
    for the connectivity profile.
  7. Select a
    Parent Profile
    from the list.
    APM provides a default profile,
    connectivity
    .
  8. Select a
    FEC Profile
    from the list.
    This setting is optional.
    You can select a previously configured FEC profile only when FEC is included in the BIG-IP system.
  9. Select a
    FEC Profile
    from the list.
  10. Click
    OK
    .
    The popup screen closes, and the Connectivity Profile List displays.
  11. Click the arrow on the
    Customize Package
    button and select
    Mac
    .
    The Customize Mac Client Package screen displays.
  12. Click
    Download
    .
    The screen closes and the package,
    BIGIPEdgeClient.exe
    , downloads.
  13. Click the
    Customize Package
    button.
    The Customize Windows Client Package popup screen displays with Available Components displayed.
  14. From the left pane of the popup screen, select
    Win/Mac Edge Client
    .
    Edge Client settings for Mac and Windows-based systems display in the right pane.
  15. Set Edge Client action settings:
    1. Retain the default (selected) or clear the
      Save Servers Upon Exit
      check box.
      Specifies whether Edge Client maintains a list of recently used user-entered APM servers. Edge Client always lists the servers that are defined in the connectivity profile, and sorts them by most recent access, whether this option is selected or not.
  16. To support automatic reconnection without the need to provide credentials again, allow password caching.
    1. Select the
      Allow Password Caching
      check box.
      This check box is cleared by default.
      The remaining settings on the screen become available.
    2. To require device authentication to unlock the saved password, select
      Require Device Authentication.
      This option links the option to use a saved password to a device authentication method. Supported device authentication methods include PIN, passphrase, and biometric (fingerprint) authentication on iOS and Android. Android devices also support pattern unlocking.
    3. From the
      Save Password Method
      list, select
      disk
      or
      memory
      .
      If you select
      disk
      , Edge Client caches the user's password (in encrypted form) securely on the disk where it is persisted even after the system is restarted or Edge Client is restarted.
      If you select
      memory
      ,  Edge Client caches the user's password within the BIG-IP Edge Client application for automatic reconnection purposes.
      If you select
      memory
      , the
      Password Cache Expiration (minutes)
      field displays with a default value of 240.
    4. If the
      Password Cache Expiration (minutes)
      field displays, retain the default value or type the number of minutes to save the password in memory.
  17. Specify the list of APM servers to provide when the client connects.
    The servers you add here display as connection options in the BIG-IP Edge Client.
    Users can select from these servers or they can type a hostname.
    1. From the left pane of the popup screen, select
      Server List
      .
      A table displays in the right pane.
    2. Click
      Add
      .
      A table row becomes available for update.
    3. You must type a host name in the
      Host Name
      field.
      Typing an alias in the
      Alias
      field is optional.
    4. Click
      Update
      .
      The new row is added at the top of the table.
    5. Continue to add servers, and when you are done, click
      OK
      .
  18. Specify DNS suffixes that are considered to be in the local network.
    Providing a list of DNS suffixes for the download package enables Edge Client to support the autoconnect option. With
    Auto-Connect
    selected, Edge Client uses the DNS suffixes to automatically connect when a client is not on the local network (not on the list) and automatically disconnect when the client is on the local network.
    1. From the left pane of the popup screen, select
      Location DNS List
      .
      Location DNS list information is displayed in the right pane.
    2. Click
      Add
      .
      An update row becomes available.
    3. Type a name and click
      Update
      .
      Type a DNS suffix that conforms to the rules specified for the local network.
      The new row displays at the top of the table.
    4. Continue to add DNS names and when you are done, click
      OK
      .
  19. Click
    Download
    .
    The screen closes and the package,
    BIGIPMacEdgeClient.zip
    , downloads.
  20. From Mobile Client Settings in the left pane, select
    Android Edge Portal
    .
    Settings for the Android Edge Portal display in the right pane.
  21. From Mobile Client Settings in the left pane, select
    iOS Edge Portal
    .
    Settings for the iOS Edge Portal display in the right pane.
  22. From Mobile Client Settings in the left pane, select
    Android Edge Client
    .
    Settings for the Android Edge Client display in the right pane.
  23. From Mobile Client Settings in the left pane, select
    iOS Edge Client
    .
    Settings for the iOS Edge Client display in the right pane.
  24. To enable users to save their passwords for reconnection purposes within a specified time period, select the
    Allow Password Caching
    check box.
    The additional fields in the area become available.
  25. To require that the device be unlocked with a PIN, password,
    pattern,
    or biometric authentication such as a fingerprint, select
    Require device authentication
    .
  26. For
    Save Password Method
    , specify how to perform password caching:
    • To allow the user to save the encrypted password on the device without a time limit, select
      disk
      .
    • To specify that the user password is cached in the application on the user's device for a configurable period of time, select
      memory
      .
    If you select
    memory
    , the
    Password Cache Expiration (minutes)
    field becomes available.
  27. If the
    Password Cache Expiration (minutes)
    field displays, type the number of minutes you want the password to be cached in memory.
  28. To enhance security on the client, retain the selection of the
    Enforce Device Lock
    check box (or clear the check box).
    This check box is selected by default. Edge Portal and Edge Client support password locking, but do not support pattern locking. If you clear this check box, the remaining settings in the area become unavailable.
  29. For
    Device Lock Method
    , retain the default
    numeric
    , or select a different method from the list.
  30. For
    Minimum Passcode Length
    , retain the default
    4
    , or type a different passcode length.
  31. For
    Maximum Inactivity Time (minutes)
    , retain the default
    5
    , or type a different number of minutes.
  32. Specify security by keeping
    Enforce PIN Lock
    set to
    Yes
    .
    Edge Portal supports PIN locking, but does not support pattern locking.
  33. For
    Maximum Grace Period (minutes)
    , retain the default
    2
    , or type a different number of minutes.
  34. Select
    Yes
    or
    No
    from the
    Allow External Access
    list.
  35. In the
    On Demand Disconnect Timeout (minutes)
    field, retain the default
    2
    , or type a different number of minutes before VPN on demand times out.
  36. To enable MobileSafe on the client, select the
    Enable MobileSafe
    check box.
  37. To force the app to use a selected logon mode and prevent users from changing it:
    1. Select the
      Enforce Logon Mode
      check box.
    2. From the
      Logon Method
      list, select
      web
      or
      native
      .
    This feature is supported with F5 Access for iOS and F5 Access for Android.
The connectivity profile displays in the list.
To provide functionality with a connectivity profile, you must add the connectivity profile and an access profile to a virtual server.