Manual Chapter : Portal Access Common Elements

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.1, 15.0.0
Manual Chapter

Portal Access Common Elements

Common stuff used in portal access.
  1. On the Main tab, click
    Access
    Connectivity / VPN
    Portal Access
    Portal Access Lists
    .
    The Portal Access List screen opens.
  2. Click the
    Create
    button.
    The New Resource screen opens.
  3. Type the name and an optional description.
  4. Click the name of a portal access resource.
    The Portal Access Properties screen for that resource opens.
  5. From the
    ACL Order
    list, specify the placement for the resource.
    Option
    Description
    Last
    Select this option to place the new portal access resource last in the ACL list.
    After
    Select this option to select, from the list of configured ACLs, the ACL that this portal access resource should follow in sequence.
    Specify
    Select this option to specify an order number, for example,
    0
    or
    631
    for the ACL.
  6. From
    Configuration
    , select
    Basic
    or
    Advanced
    .
    The
    Advanced
    option provides additional settings so you can configure a proxy host and port.
  7. For the
    Match Case for Paths
    setting, select
    Yes
    to specify that portal access matches alphabetic case when matching paths in the portal access resource.
  8. From the
    Patching Type
    list, select the patching type for the web application.
    For both full and minimal patching types, you can select or clear patching methods specific to your selection.
  9. To publish a link for the web application on the full webtop, or to use hosted content files, for the
    Publish on Webtop
    setting, select the
    Enable
    check box.
    Do not enable the
    Publish on Webtop
    setting if you are configuring the portal access resource for minimal patching.
  10. If you enabled
    Publish on Webtop
    , select whether the
    Link Type
    is an application URI or a file uploaded to the hosted content repository.
    • Application URI:
      This is the main URI used to start this portal access resource. You can configure other URIs with specific caching and compression settings by adding resource items to the portal access resource, after the main resource is configured.
    • Hosted Content:
      Use content uploaded to the hosted content repository to present on the webtop. When you select a hosted content file (typically a web-browser readable file), that file becomes the main destination for this webtop link.
      In the
      Resource Items
      area, you must add all resources that you have uploaded to the hosted content repository that apply to this particular hosted content link.
  11. In the Customization Settings for English area, in the
    Caption
    field, type a caption.
    The caption appears on the full webtop, and is required. This field is required even if you do not select the
    Publish on webtop
    option.
  12. Optionally, in the
    Detailed Description
    field type a description for the web application.
  13. In the
    Image
    field, specify an icon for the web application link. Click the
    View/Hide
    link to show the current icon.
  14. If your application is behind a proxy server, to specify a proxy host and port, you must select
    Advanced
    for the configuration to display additional fields, and type the proxy host and proxy port.
  15. Click the
    Create
    button.
  16. Click the
    Create
    button.
    The Portal Access resource is saved, and the Portal Access Resource screen now shows a
    Resource Items
    area.
  17. In the Resource Items area, click the
    Add
    button.
    A New Resource Item screen for that resource opens.
  18. From
    New Resource Item
    , select
    Basic
    or
    Advanced
    .
    The
    Advanced
    option provides additional settings so you can configure headers.
  19. From
    Resource Item Properties
    , select
    Basic
    or
    Advanced
    .
    The
    Advanced
    option allows you to set Session Update, Session Timeout, and Home Tab settings.
  20. Select whether the resource item is application paths or hosted content.
    • Paths:
      If you select this option, set the host name or IP address, URI paths, the scheme, and the port.
    • Hosted Content:
      If you select this option, choose an item from the list of content uploaded to the hosted content repository
      You must add all files that you have uploaded to the hosted content repository that apply to this particular hosted content resource.
  21. Configure the properties for the resource item.
    • To add headers, select
      Advanced
      next to New Resource Item.
    • To configure
      Session Update
      ,
      Session Timeout
      , and
      Home Tab
      , select
      Advanced
      next to Resource Item Properties.
  22. Click
    Finished
    .
    This creates the portal access resource item.
  23. Click
    Access
    Connectivity / VPN
    VDI / RDP
    Portal Access
    Rewrite
    .
    The Rewrite Profile List screen opens.
  24. Click
    Create New Profile
    .
    The Create New Profile Rewrite screen opens.
  25. In the
    Name
    field, type a name for the rewrite profile.
  26. From the
    Parent Profile
    list, select a parent profile.
    For Portal Access, you should select the
    /Common/rewrite
    or
    /Common/rewrite-portal
    profile as the parent. The new rewrite profile inherits the
    Client Caching Type
    setting from the parent profile.
  27. From the
    Rewrite Mode
    list, select
    Portal (Access)
    .
  28. From the
    Client Caching Type
    list, select the caching option.
  29. To enable split tunneling for portal access connections, select
    Split Tunneling
    from the list.
    Split tunneling provides two options to access your web page:
    Rewrite
    and
    Bypass
    . If you enable split tunneling, Access Policy Manager presents only web pages that satisfy one of these filters. Others are blocked (although a blocked public site may still be available outside the webtop). If you do not use split tunneling, Access Policy Manager processes all portal access URLs through the rewriting engine. You can specify a URL pattern using the following syntax:
    scheme: //host[:port]/path
    . You can also use wildcards such as the asterisk ( * ) to denote any sequence of characters and the question mark ( ? ) for any single character. Access Policy Manager rewrites links in all pages specified for
    Rewrite
    .
    • Rewrite
      - Rewrites URLs. When you use this option, Access Policy Manager controls the redirection of the URL. Use this option to access URLs inside the network. Type a URL match pattern for the sites where you need to create the reverse-proxy and click the
      Add to Rewrite List
      button.
    • Bypass
      - Directly accesses the URL and leaves the URL unmodified. Use this option to speed up serving public sites. Type a URL match pattern for URLs to be accessed directly, bypassing the rewrite engine, and click the
      Add to Bypass List
      button.
  30. To configure Java patching, click
    JavaPatcher Settings
    . Configure the Java Patcher options for verification and re-signing of signed applets.
  31. To configure the
    Trusted Certificate Authorities
    , from the list select a CA against which to verify signed applets signatures.
  32. To configure a
    Signer
    ,from the list select a certificate to use for re-signing.
  33. To configure a
    Signing Key
    , from the list select a corresponding private key for re-signing.
  34. To set a
    Signing Key Pass Phrase
    , type a passphrase with which to encrypt the private key.
  35. To select a
    Certificate Revocation List (CRL)
    , from the list select a CRL with which to check certificate validity.
  36. To configure URI Translation request and response settings, under
    URI Translation
    select
    Settings
    .
  37. Configure translation settings.
  38. Select
    Portal Access Setup Wizard
    and click
    Next
    .
  39. On the Basic Properties screen in the
    Policy Name
    field, type a name for the access policy.
    The name you type here prepends the name of the objects (for example, the virtual server) that the wizard creates for this configuration.