Manual Chapter : Hosting a BIG-IP Edge Client Download with Access Policy Manager

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 11.4.1, 11.4.0
Manual Chapter

About hosting a BIG-IP Edge Client file on Access Policy Manager

You can host files on BIG-IP® Access Policy Manager® (APM®) so clients can download them.

When you host a file on Access Policy Manager, you can provide the link to the file in a number of ways. In this example, the BIG-IP Edge Client® for Mac link is provided as a link on the user's webtop. The user connects through the web client, then clicks a link on the webtop to download the client file. To provide the BIG-IP Edge Client for Mac, first you must create a connectivity profile. Then, you can download the Mac client file as a ZIP file.

Task summary

To add the BIG-IP® Edge Client® for Mac file to the hosted content repository on Access Policy Manager®, so clients can download it, complete these tasks.

Task Summary

Customizing a connectivity profile for Mac Edge Clients

You must create a connectivity profile before you start this task.
A connectivity profile automatically contains settings for BIG-IP® Edge Client® for Macintosh. You update the settings to specify how to handle password caching and component updates, to specify the servers to display on the clients, and to supply DNS names to support location awareness.
  1. On the Main tab, click Access Policy > Secure Connectivity. A list of connectivity profiles displays.
  2. Select the connectivity profile that you want to update and click Edit Profile. The Edit Connectivity Profile popup screen opens and displays General Settings.
  3. From the left pane, select Win/Mac Edge Client. Edge Client action and password caching settings display in the right pane.
  4. Set Edge Client action settings:
    1. Optional: Retain the default (selected) or clear the Save Servers Upon Exit check box. The setting specifies whether the BIG-IP Edge Client maintains a list of recently used Access Policy Manager servers. The BIG-IP Edge Client always lists the servers defined in the connectivity profile, and sorts the list of servers by most recent access, whether this option is selected or not. However, the BIG-IP Edge Client lists user-entered servers only if this option is selected.
  5. Set password caching settings for enhanced security:
    1. Optional: Select the Allow Password Caching check box. This check box is cleared by default. The remaining settings on the screen become available.
    2. Optional: Select disk or memory from the Save Password Method list. If you select disk, an encrypted password is saved on disk and cached when the system reboots or when the BIG-IP Edge Client is restarted. If you select memory,  the BIG-IP Edge Client caches the user's password within the BIG-IP Edge Client application for automatic reconnection purposes. If you select memory, the Password Cache Expiration (minutes) field displays with a default value of 240.
    3. If the Password Cache Expiration (minutes) field displays, retain the default value or type the number of minutes to save the password in memory.
    4. From the Component Update list, select yes (default) or no. If you select yes, APM updates the BIG-IP Edge Client software automatically on the Mac client when newer versions are available.
  6. From the left pane, select Server List. A table displays in the right pane.
  7. Specify the servers that you want defined in the client downloads. The servers you add here appear as connection options in the BIG-IP Edge Client.
    1. Click Add. A table row becomes available for update.
    2. You must type a host name in the Host Name column. Typing an alias in the Alias column is optional.
    3. Click Update. The new row is added at the top of the table.
    4. Continue to add servers and when you are done, click OK.
  8. From the left pane, select Location DNS List. A table is displayed in the right pane.
  9. Specify DNS suffixes that are considered to be in the local network. DNS suffixes specified here conform to the rules specified for the local network. When the BIG-IP Edge Client is configured to use the option Auto-Connect , the client connects when the systems DNS suffix is not one defined on this list. When the client DNS suffix does appear on this list, the client automatically disconnects. If you do not specify any DNS suffixes, the option  Auto-Connect  does not appear in the downloaded client.
    1. Click Add. An update row becomes available.
    2. Type a name and click Update. The new row displays at the top of the table.
    3. Continue to add DNS names and, when you are done, click OK.
  10. Click OK. The popup screen closes, and the Connectivity Profile List displays.
The connectivity profile appears in the list.
To provide functionality with a connectivity profile, you must add the connectivity profile and an access profile to a virtual server.

Downloading the Mac client package for the BIG-IP Edge Client

You can download a Mac Client package and distribute it to clients whose configuration does not allow an automatic download.
Note: If you already customized a Mac Client package for a connectivity profile, a customized package file, BIGIPMacEdgeClient.exe, was downloaded to your system. If you cannot find the package, use this procedure.
  1. On the Main tab, click Access Policy > Secure Connectivity. A list of connectivity profiles displays.
  2. Select a connectivity profile.
  3. Click the arrow on the Customize Package button and select Mac. The Customize Mac Client Package screen displays.
  4. Click Download. The screen closes and the package, BIGIPMacEdgeClient.zip, downloads.
The customized package, BIGIPMacEdgeClient.zip, is downloaded to your client. It is available for you to distribute, if needed. The customized package is downloaded to clients automatically only when the Windows/Mac Edge Client settings in the related connectivity profile allow password caching and component updates.

Uploading BIG-IP Edge Client to hosted content on Access Policy Manager

Upload the client file to the Access Policy Manager® hosted content repository so you can provide it to clients through a download link.
  1. On the Main tab, click Access Policy > Hosted Content > Manage Files. The Manage Files screen opens.
  2. Click the Upload button. The Create New File popup screen opens.
  3. For the Select File setting, click the Browse button. Browse and select the BIGIPMacEdgeClient.zip file that you previously downloaded. The Select File and File Name fields are populated with the file name.
  4. From the File Action list, select Upload Only.
  5. In the File Destination Folder field, specify the folder path in which to place the file. For purposes of this example, the folder /client is specified.
  6. Click OK. The file appears in the hosted content list.
You must associate any access profiles that will access hosted content with the hosted content repository.

Associating hosted content with access profiles

A user can access hosted content that is associated with that user's access profile. Each access profile that requires hosted content access must be associated with the entire hosted content repository.
  1. On the Main tab, click Access Policy > Hosted Content > Manage Files. The Manage Files screen opens.
  2. On the Upload button, click the right-side arrow to select Manage Access from the list. The Access Settings popup screen opens.
  3. Select the access profiles to associate with hosted content, then click OK. A user must belong to an associated access profile to access hosted content.
View the hosted content list, and verify that the access policy association was successful.

Creating a webtop link for the client installer

You can create and customize links that you can assign to full webtops. In this context, links are defined applications and web sites that appear on a webtop, and can be clicked to open a web page or application. You can customize these links with descriptions and icons.
  1. On the Main tab, click Access Policy > Webtops > Webtop Links.
  2. Click Create to create a new webtop link.
  3. In the Name field, type a name for the new webtop link.
  4. From the Link Type list, select Hosted Content.
  5. From the Hosted File link, select public/share/client/BIGIPMacEdgeClient.zip.
  6. In the Caption field, type a descriptive caption. The Caption field is pre-populated with the text from the Name field. Type the link text that you want to appear on the web link.
  7. If you want to add a detailed description, type it in the Detailed Description field.
  8. To specify an icon image for the item on the webtop, click in the Image field and choose an image, or click the Browse button. Click the View/Hide link to show or hide the currently selected image.
  9. Click Finished.
The webtop link is now configured, and appears in the list, and on a full webtop assigned with the same action. You can edit the webtop link further, or assign it to an access policy.
Before you can use this webtop link, it must be assigned to an access policy with a full webtop, using either an advanced resource assign action or a webtop and links assign action.

Adding a webtop and webtop links to an access policy

You must have an access profile set up before you can start this task.
You can add the webtop and webtop links assign action to an access policy to add a webtop and webtop links to an access policy branch. Webtop links are displayed on a full webtop.
Important: Do not assign a webtop for a portal access connection configured for minimal patching mode. This configuration does not work.
  1. On the Main tab, click Access Policy > Access Profiles. The Access Profiles List screen opens.
  2. Click the name of the access profile for which you want to edit the access policy. The properties screen opens for the profile you want to edit.
  3. On the menu bar, click Access Policy. The Access Policy screen opens.
  4. Click Edit Access Policy for Profile profile_name. The visual policy editor opens the access policy in a separate screen.
  5. On an access policy branch, click the plus symbol (+) to add an item to the access policy. A popup screen displays actions on tabs, such as General Purpose and Authentication, and provides a search field.
  6. On the Assignment tab, select the Webtop and Links Assign agent and click Add Item. The Webtop and Links Assignment screen opens.
  7. In the Name field, type a name for the access policy item. This name is displayed in the action field for the access policy.
  8. On the Webtop & Webtop Links Assignment screen, next to the type of resource you want to add, click the Add/Delete link. Available resources are listed.
  9. To assign resources, select the options you want.
  10. Click the Save button to save changes to the access policy item.
You can now configure further actions on the successful and fallback rule branches of this access policy item.
Click the Apply Access Policy link to apply and activate your changes to this access policy.

Implementation result

As a result of these implementation tasks, you have added the client file to a webtop link.