Forum Discussion
13 Replies
- Theo_12742Cirrus
No, but the APM logic supports lookups to different ad groups in a single policy. We have done that to over 20 AD groups. Also, if you collect/ask for the domain, you can go directly to that domain and check as well.
- Gajanan_Vasmat1NimbostratusYes, i do have two connectivity profile for auto connect to vpn and other connectivity profile. Per requirement i need to assign these profile to specific group with single URI .I am not able apply two connectivity profile to single VS.
- Theo_12742CirrusYou can do this with a single policy, and assign a connectivity profile resource. In your VPE, Add » Assignment » Resource Assign or Advanced Resource Assign
Hello,
You can use the same Access Policy and implement a condition based on the AD group within the VPE. Or you can use the Per-request access profile feature (v12)
But you can't have 2 access profiles on the same VS. If you are using two different hostnames for a single VIP, you can configure forwarding traffic to 2 separate internal VS that have an access profile each.
- Gajanan_Vasmat1Nimbostratusactually I do have two connectivity profile for auto connect to vpn and other connectivity profile. Per requirement i need to assign these profile to specific group with single URI .I am not able apply two connectivity profile to single VS. can it it suffice by irule ?
- Lucas_Thompson_Historic F5 AccountWhy do you need to assign two different connectivity profiles? A connectivity profile is basically a PPP tunnel interface and a set of configuration parameters applied to downloaded client applications. I can't really think off the top of my head a reason to assign two simultaneously to an APM vip. Can you explain your use case?
- Gajanan_Vasmat1Nimbostratusmanagement want if some specific people accessing internal application then f5 apm vpn should connect automatically from their any device so I created different connectivity profile.
- Yann_Desmarest_Nacreous
Hello,
You can use the same Access Policy and implement a condition based on the AD group within the VPE. Or you can use the Per-request access profile feature (v12)
But you can't have 2 access profiles on the same VS. If you are using two different hostnames for a single VIP, you can configure forwarding traffic to 2 separate internal VS that have an access profile each.
- Gajanan_Vasmat1Nimbostratusactually I do have two connectivity profile for auto connect to vpn and other connectivity profile. Per requirement i need to assign these profile to specific group with single URI .I am not able apply two connectivity profile to single VS. can it it suffice by irule ?
- Lucas_Thompson_Historic F5 AccountWhy do you need to assign two different connectivity profiles? A connectivity profile is basically a PPP tunnel interface and a set of configuration parameters applied to downloaded client applications. I can't really think off the top of my head a reason to assign two simultaneously to an APM vip. Can you explain your use case?
- Gajanan_Vasmat1Nimbostratusmanagement want if some specific people accessing internal application then f5 apm vpn should connect automatically from their any device so I created different connectivity profile.