The default behavior of APM is to allow requests and rewrite URLs according to rewrite profile.
The Portal Access resource allow you to:
- create a link when using full webtop
- configure SSO for this URL
- configure caching
- configure compression
- enable / disable Layer 7 logs
When configuring APM in VPN SSL mode, I always create a ACL with order 1000
- type L4
- Source / destination : 0.0.0.0/0
- Action : drop
- Log : packet
and assign it to all users.
Then, all Portal access resources are defined with order less than 1000. If a user is not assigned this portal access resource, the connection is dropped with a Deny page.