Forum Discussion

sameh_atef_2110's avatar
Nov 15, 2015

Queries about access to APM resources

Hi, I have two queries :

 

  1. If i authenticate from APM logon page. Then, i get a certain webtop. I will connect to webtop resources like links, RDP ....etc using which source IP ? the user IP or the APM self IP ?

     

  2. If i get an IP from Network Access and lease pool. at this case, I will connect to webtop resources like links, RDP ....etc using which source IP ? the user IP or the APM self IP ?

     

2 Replies

    1. if SNAT enabled, Self IP address will be used. If SNAT disabled, Source IP address will be used.

       

    2. Weird use case. If you start a Network Access, you do not connect to webtop with resources. But if it is the case, same as 1 except for direct resources like Webtop links. But I'm 100% sure. Must be tested first. But I don't advice this use case.

       

  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus

    There isn't really a short answer. Apart from it depends on the IP address the client get back from a DNS query for the APM server address.

     

    I went through this quite a bit last year after some clients started to complain that they could no longer access the web top after they'd started the network access up. And it turns out it's reasonably straight forward in concept. But highly dependent on how you have everything (Including DNS) setup.

     

    If the IP address is routable via the network access tunnel. You'll access the web top using whatever IP you're NAT'ed to (Including SNAT). If the IP address the client gets back from a DNS query is NOT routable via the tunnel then they'll access the webtop directly (In parallel and external) to the tunnel. SO the web top would see their access from the same IP address as before they started the network access.

     

    H