Forum Discussion

Paul_Duan_24199's avatar
Paul_Duan_24199
Icon for Nimbostratus rankNimbostratus
Jan 05, 2016
Solved

Access VMware Workspace Portal/Identity Manager using BIG-IP Access Policy Manager (APM)

The external users would like to access VMware Workspace Portal/Identity Manager through APM, so external users are able to launch Horizon View desktops or RDS farm applications presented on Workspace Portal/Identity Manager without using Security Servers.

 

Does current APM support it?

 

APM
application delivery
iApps
  • Justin_Venezia_'s avatar
    Justin_Venezia_
    Jan 06, 2016

    Hi, Paul.

     

    Yes - we can do this today with iRules to make this work. Right now, we have it working for PCoIP, Citrix, and Web Applications launched through IDM (they can be proxied through APM). We are working on the HTML apps and/or desktops right now, and "hopefully" should have this done soon.

     

    If you are interested, send me your contact information and we may be able to give you early access to the iRules...

     

    Justin Venezia

     

12 Replies

Sort By
  • Justin_Venezia_'s avatar
    Justin_Venezia_
    Icon for Cirrus rankCirrus
    Jan 06, 2016

    Hi, Paul.

     

    Yes - we can do this today with iRules to make this work. Right now, we have it working for PCoIP, Citrix, and Web Applications launched through IDM (they can be proxied through APM). We are working on the HTML apps and/or desktops right now, and "hopefully" should have this done soon.

     

    If you are interested, send me your contact information and we may be able to give you early access to the iRules...

     

    Justin Venezia

     

    • Paul_Duan_24199's avatar
      Paul_Duan_24199
      Icon for Nimbostratus rankNimbostratus
      Jan 06, 2016
      Thanks Justin. I was expecting get answer from you. My contact has been messaged.
    • Victor_Badauy_2's avatar
      Victor_Badauy_2
      Icon for Nimbostratus rankNimbostratus
      Feb 06, 2017

      Hi Justin,

       

      Is it possible to get these irules as well?

       

      Best regards,

       

  • Justin_Venezia_'s avatar
    Justin_Venezia_
    Icon for Cirrus rankCirrus
    Jan 20, 2016

    Michael - send me your contact info, please. We're still working on a portion of the solution and don't have a firm ETA on when we'll release to DevCentral.

     

    We can discuss the options if you are willing/need only a portion of the solution (PCoIP, Citrix, Web Apps, etc.).

     

    Thanks!

     

    Justin

     

    • alex_4_236440's avatar
      alex_4_236440
      Icon for Altostratus rankAltostratus
      Nov 17, 2016

      Hi Justin,

       

      I can't see a way to send you a PM - please could you share these irules with me too?

       

      I'm hoping to use APM for PCoIP, HTML5, and Web Apps.

       

    • Matt_Mabis's avatar
      Matt_Mabis
      Icon for Employee rankEmployee
      Jan 17, 2017

      Hey Alex.4 we are still working on HTML5 (Apps and Desktops) through APM, we should have a solution soon coming down the pipeline. We do however have the Native Client Method for (PCoIP/Blast Extreme) Functional.

       

      Just keep in mind that these iRules are functional they are not supported by Typical F5 Support. We are working on integrations into the next major release of our software to incorporate these as native supported Functions (Native Client).

       

      If you want them please PM me on DevCentral with your contact information and ill make sure you get them.

       

      Matt Mabis

       

  • Markus_Hilty's avatar
    Markus_Hilty
    Icon for Nimbostratus rankNimbostratus
    Jun 06, 2016

    Hi Justin,

     

    Is it possible to get these irules as well? i tried to analyze and implement workspace one an apm without success. we need only the Web Apps.

     

    Regards, Markus

     

  • LJM_301194's avatar
    LJM_301194
    Icon for Nimbostratus rankNimbostratus
    Nov 30, 2016

    Hi, I am also looking to setup vIDM behind APM and enable SSO. Are you able to provide information on the APM configuration, please?

     

    Lyle

     

  • JC_47645's avatar
    JC_47645
    Icon for Nimbostratus rankNimbostratus
    Nov 13, 2017

    Have these iRules been published anywhere or is there a guide on how to set this up yet? If so, could someone please send a link or instructions. Thanks!

     

    • Matt_Mabis_2949's avatar
      Matt_Mabis_2949
      Historic F5 Account
      Nov 13, 2017

      Which method are you hoping to do @JC

       

      APM as IDP or VIDM as IDP?

       

      i am working on some documentation for the APM as IDP method with Native Client. Nothing public as of yet but i will post about it as soon as its ready, This would be using native 13.0 code and no iRules to implement the APM as IDP for Horizon Native Client integration.

       

    • JC_47645's avatar
      JC_47645
      Icon for Nimbostratus rankNimbostratus
      Nov 13, 2017

      I'm not exactly sure what the best setup for us is yet. I'm working on a POC with vIDM on-prem and integrating it with Horizon View/RDSH Apps. We already proxy View connections via APM for external access and everything works as expected. With the vIDM integration, accessing View internally works great but externally it appears the APM auth gets in the way. I've read the guide on how integrate APM (as SP) and vIDM (as IdP) so we can translate SAML to kerberos or header-based credentials for SSO access to internal apps. I was hoping there was something similar you could do for View connections but maybe had to incorporate some iRules to handle the auth request coming from the View Native Client.

       

      To make a long story short...just looking for some guidance on how to access View Desktops/Apps externally via vIDM when View is being proxied by APM. Any assistance or design recommendations would be appreciated.