Forum Discussion

cd_312641's avatar
cd_312641
Icon for Nimbostratus rankNimbostratus
Jul 31, 2018

Portal Access Resources / Webtop

Hello,

 

I am quite new to the APM module. I have been practicing on a VeLAB to give access to an Intranet website through a LTM-APM VS using Portal Access. It is working fine, but I want to clarify a few things.

 

Testing and going through docs I understood the following: 1) Require a VS with Access / Rewrite / Connectivity profile. Pool is not needed (but for health monitoring) 2) Portal Access in full patching requires Webtop

 

First of all, why do I need a Webtop ? From a technical point of view, everything the F5 needs to know about the intranet application is in the Portal Access / Portal Access Resources. It worked fine when I tested the minimal patching mode and applied the Portal Access to the Access Policy.

 

Second of all, how does the F5 link the Webtop to the Portal Access ? Through the 'application URI' field ? When I went to full patching mode, I unlinked the Portal Access from the Access Policy, and added the Webtop instead (Webtop List). Everything is working after that. The only link between them is the value of the application URI for both of them.

 

Finally, something happened that I wasn't expecting !

 

My intranet is accessible at site1.domain1.com (no external DNS). It has a link to a second intranet website accessible at site2.domain1.com

 

My Portal Access is configured with Application URI set to http://site1.domain1.com, and with Resource set for site1.domain1.com (URI /* and port 80). Works fine. Then I used the link to the second intranet website site2.domain1.com and it worked.

 

What I expected was that it would not work unless I added a Resource to my Portal Access for site2.domain1.com.

 

Please enlight me :)

 

1 Reply

  • Ok so I just simply deleted the Portal Access / Resources profile, only to let a Webtop (Portal Access type) with a start URI of http://site1.domain1.com, and it is working !!!

     

    So is the conclusion that Portal Access is only necessary if I want minimal patching ?

     

    I find disturbing that I cannot only allow specific websites with Webtop (other than with ACL...).