E XERCISE 7.3 – W EBTOPS AND R ESOURCES
Required virtual images: BIGIP_A_v11.5.1, LAMP_3.4.
Estimated completion time: 45 minutes
TASK 1 – Create a Full Webtop
Create a full Webtop, which you will replace in the network_access policy.
In the VMware library, power on the BIGIP_A_v11.5.1 and LAMP_3.4 images.
Access and log in to BIGIP_A_v11.5.1.
Verify that you have restored using bc_7.2_apm_network_access_v11.5.1 (there should be an access policy named network_access).
Open the Access Policy > Webtops > Webtop List page, and then click Create.
Create a Webtop using the following information, and then click Finished.
Name full_webtop
Type Full
Minimize to Tray Not enabled (cleared) Show a warning… Enabled
Show URL Entry Field Enabled
Open the Access Policy > Access Profiles > Access Profiles List page.
In the network_access row, click the Edit link to open the Visual Policy Editor.
Click Resource Assign.
Click Add/Delete.
Click the Webtop tab.
Exercise 7.3 – Webtops and Resources
Select the /Common/full_webtop option, then click Update, and then click Save.
Click Apply Access Policy.
TASK 2 – Test Network Access
Test network access to see how the new network resource and updated Webtop have changed the experience for remote users.
Use a new tab to access https://access.vlab.f5demo.com.
Question:
Why does the link on the Webtop read “network_access”? ________________________
________________________________________________________________________
Click Logout (but leave the Web browser open).
In the Configuration Utility, open the Access Policy > Network Access > Network Access List page, and then click network_access_na_res.
Make the following changes, and then click Update.
o Caption: Lorax network access o Image: NetworkAccess.jpg
Open the Access Policy > Customization > Quick Start page.
Exercise 7.3 – Webtops and Resources
From the Header Background Color list box, select dark blue.
Edit the Footer Text to Lorax Industries VPN Access.
Edit the Footer Font Size to 14px, and then click Save.
In the Customization pane, click Common Webtops Settings.
From the Available Webtops list box, select /Common/full_webtop.
From the Select Language list box, select English (en).
From the Portal Access Webtop Link Color list box, select a new color.
In the Full Webtop Popup window Logo list box, select lorax, and then click Save.
Apply the updated access policy.
In the Webtop Web browser, select click here to re-open your session.
→NOTE: You may need to refresh the Web browser to make all of the changes take effect.
Click Logout. (Leave the Web browser open.)
Exercise 7.3 – Webtops and Resources
TASK 3 – Create a Portal Access Resource
Create a new portal access resource and rewrite profile.
In the Configuration Utility, open the Access Policy > Portal Access > Portal Access List page, and then click Create.
Create a new portal access resource using the following information, and then click Create.
Name portal_resource
Link Type Application URI Application URI http://10.128.20.11 Caption Web application Image PortalImage.jpg
Open the Access Policy > Portal Access > Rewrite page, and then click Create New Profile.
Create a new rewrite profile using the following information, and then click OK.
General Information: Name rewrite_profile General Information: Parent Profile /Common/rewrite Portal (Access): Client caching Type No Cache
TASK 4 – Update the Virtual Server and the Access Policy
Update the network_access virtual server to use the new rewrite policy, and then test access to the portal resource using the Webtop.
Open the Virtual Server List page, and then click network_access_vs.
In the Rewrite Profile list box, select rewrite_profile, and then click Update.
In the Visual Policy Editor, click Resource Assign.
Click Add/Delete.
Select the Portal Access tab, and then select the /Common/portal_resource checkbox.
Exercise 7.3 – Webtops and Resources
In the Webtop Web browser, re-open your session.
Click Web application, and then examine the URL box.
Question:
To the client, what appears to be the Web server host name? _________________________
Right-click the Web browser and click View Source.
Note the <a href> tags.
Close the source page and the F5 vLab Test Web Site page.
In the Webtop, in the URL entry field, type http://10.128.20.17, and then click the button on the right.
Close the tab, and then click Logout on the Webtop.
TASK 5 – Create and Use Webtop Links
Create two Webtop links and test user access using the dynamic Webtop.
In the Configuration Utility, open the Access Policy > Webtops > Webtops Links page, and then click Create.
Create Webtop link using the following information, and then click Repeat.
Name internal_server
Link Type Application URI Application URI http://10.128.20.12 Caption Internal server
Image InternalServer.jpg
Exercise 7.3 – Webtops and Resources
Create another Webtop link using the following information, and then click Finished.
Name external_server
Link Type Application URI Application URI http://askf5.com Caption External server
Image ExternalServer.jpg
In the Visual Policy Editor, click Resource Assign and add the following:
o Webtop Links: /Common/external_server o Webtop Links: /Common/internal_server
Click Update, then click Save, and then click Apply Access Policy.
In the Webtop Web browser, re-open your session.
Click Internal Server.
You should receive a time out error page.
Click Full network access.
Once the network tunnel is connected, click Internal server on the Webtop.
Examine the URL box.
Question:
To the client, what appears to be the Web server host name? _________________________
Does a Webtop Link actually grant access to a resource? ________________
Close Notepad and the Web browser, and click Disconnect in the network access Web browser window.
Click External server.
Question:
Are Webtop Links rewritten by BIG-IP APM? _____________
Close the Web browser, and then click Logout on the Webtop.
Exercise 7.3 – Webtops and Resources
TASK 6 – Create and Use an Application Tunnel Link
Create two application tunnel resources and add them to the dynamic Webtop.
In the Configuration Utility, open the Access Policy > Application Access > App Tunnels page, and then click Create.
Create an application tunnel using the following information, and then click Create.
Name appsrv_access Caption App server access Image web_server.png
In the Resource Items section, click Add.
Add a resource item using the following information, and then click Finished.
Destination IP Address: 10.128.20.11
Port(s) Port: 80
Application Protocol None Compression Enabled
Application Path http://10.128.20.11
Add another resource item using the following information, and then click Finished.
Destination IP Address: 10.128.20.12
Port(s) Port: 22
Application Protocol None Compression Disabled
In the Visual Policy Editor, click Resource Assign and add the following:
o App Tunnel: /Common/appsrv_access
Click Update, then click Save, then click Apply Access Policy, and then close the virtual policy editor.
In the Webtop Web browser, re-open your session.
Click App server access (confirm all dialog boxes you receive).
Question:
Which application window displayed automatically? _________________________________
On the F5 vLab Test Web Site page, select Plaintext Compress Example.
Examine the compression statistics in the App tunnel window.
Use an SSH client to access 10.128.20.11.
Use a new tab to access https://10.128.20.11.
Exercise 7.3 – Webtops and Resources
Use a new SSH client session to access 10.128.20.12.
→NOTE: It’s not necessary to log into the CLI to complete this task.
Close the Web browser and SSH sessions.
Questions:
Did you connect to https://10.128.20.11? _____________
Did you connect to 10.128.20.11 using SSH? _______________
Did you connect to 10.128.20.12 using SSH? _______________
Why could you access http://10.128.20.11 but not https://10.128.20.11?
__________________________________________________________________________
Why could you SSH to 10.128.20.12 but not 10.128.20.11? _________________________
__________________________________________________________________________
In the App tunnel window, click Disconnect.
Click Logout on the Webtop, and close the Web browser.
Create an archive file named bc_7.3_apm_full_webtop_v11.5.1.