Problem configuring App Tunnel BIG-IP 11.5.1

Question

HiI have the requirement to give access to one web application for outside users so I was looking into APM to do that. Reading around it look like that Application Tunnel could solve my issue.The documentation just explains how to configure things with no explanation how things are supposed to work nor how to use the App Tunnel when it is configured, APM Doc.I finally managed to configure APM and started to test from inside (Private Net1), please note that I didn't configure "Application Path" and "Parameters" as I still don't understand what it does.This is the topology.__Public Net__ __Private Net1___ __Private Net2__ 
   |              |                 |                |   
Internet        router            BIG-IP      RserverSo from Net1 when I target the virtual server (the VS is terminating SSL) I can see the App tunnel icon on the webtop but when I click on it, it ask me to download the pluggin which fail every time. Reading on the F5 website it look like that Pluggin are being phased out by browsers (IE, Firefox etc...) so seem to me that it is no longer supported. So, I went and install F5 Edge client on my PC.Even with Edge client installed and running on my machine I am still prompted every time to download the plugin.Can anyone guide me into this, I don't know APM at all and it seem that I am not doing things correctly. My aim here is to make sure this is working locally before opening it from outside where I will have to deal with nating on the internet router.Rgds,Fabou

henrik_gyllkran · Answer

For web applications there are actually a couple of different ways to solve it depending on requirements in the application and so on. It might be as simple as just creating a normal LTM Virtual Server and then applying an Access Profile to that with a policy that does authentication only. Then no plugins or clients are needed.

fabou_139732 · Answer

Ok I see what you mean, I will try it soon.&nbsp;
Any idea of what I need to do to make my current setting work?&nbsp;

lucas_thompson_ · Answer

The plugins still work OK from IE 32-bit. Make sure you're using that version (that version is the default in Windows 7/8.x). It is still supported, but like you've mentioned, Chrome and FF no longer allow plugins like this.

The Application Launch stuff essentially tells the client PC to launch an application. The purpose is to launch an app with parameters that specify the target endpoint. For example, "telnet %host% %port%" would launch telnet against the local loopback socket, which would be proxied via iSession to the target by APM.

fabou_139732 · Answer

Do you mean that if I have the plugin working doing telnet 127.0.0.1 on the client PC would launch a telnet trough the tunnel to the target server?

Also in the case that I can't get the plugin working are there any alternative for making app tunnel working i.e. Edge client?

Forum Discussion

Problem configuring App Tunnel BIG-IP 11.5.1

4 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Configuring A Generic Routing Encapsulation (GRE) Tunnel Using BIG-IP

About VS : Vlan and tunnel configuration

Configuring a Per-App VPN Using F5 App Tunnels

SSL VPN Split Tunneling and Office 365

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows