apm profile connectivity
apm profile connectivity(1) BIG-IP TMSH Manual apm profile connectivity(1)
NAME
connectivity - Configures a connectivity profile.
MODULE
apm profile
SYNTAX
Configure the connectivity component within the profile module using
the syntax shown in the following sections.
CREATE/MODIFY
create connectivity [name]
modify connectivity [name]
options:
adaptive-compression [enabled | disabled]
app-service [[string] | none]
citrix-client-bundle [[name] | default-citrix-client-bundle]
client-policy [add | delete | modify | replace-all-with] {
[name] {
android-ec {
device-lock-method [alphabetic | alphanumeric | any | numeric ]
enable-mobilesafe [true | false]
enforce-device-lock [true | false]
enforce-logon-mode [true | false]
logon-mode [native | web]
require-device-auth [true | false]
max-inactivity-time [integer]
min-passcode-length [integer]
save-password [true | false]
save-password-method [disk | memory]
save-password-timeout [integer]
}
android-ep {
device-lock-method [alphabetic | alphanumeric | any | numeric ]
enable-mobilesafe [true | false]
enforce-device-lock [true | false]
enforce-logon-mode [true | false]
logon-mode [native | web]
max-inactivity-time [integer]
min-passcode-length [integer]
save-password [true | false]
save-password-method [disk | memory]
save-password-timeout [integer]
}
chromeos-ec {
enforce-logon-mode [true | false]
logon-mode [native | web]
save-password [true | false]
save-password-method [disk | memory]
save-password-timeout [integer]
}
ec {
component-update [yes | prompt | no]
location-dns [add | delete | modify | replace-all-with] {
[name]
}
reuse-winlogon-creds [true | false]
reuse-winlogon-session [true | false]
save-password [true | false]
save-password-method [disk | memory]
save-password-timeout [integer]
save-servers-on-exit [true | false]
}
ios-ec {
enable-mobilesafe [true | false]
enforce-logon-mode [true | false]
logon-mode [native | web]
require-device-auth [true | false]
save-password [true | false]
save-password-method [disk | memory]
save-password-timeout [integer]
vod-disconnect-timeout [integer]
}
ios-ep {
enable-mobilesafe [true | false]
enforce-logon-mode [true | false]
logon-mode [native | web]
enforce-pin-lock [true | false]
max-grace-period [integer]
save-password [true | false]
save-password-method [disk | memory]
save-password-timeout [integer]
}
servers {
{
alias [[string] | none]
host [string]
}
...
}
}
}
compress-buffer-size [integer]
compress-cpu-saver [true | false]
compress-cpu-saver-high [integer]
compress-cpu-saver-low [integer]
compress-gzip-level [integer]
compress-gzip-memlevel [integer]
compress-gzip-window-size [integer]
compress-ingress [true | false]
compress-preferred-method [[string] | none]
compression [enabled | disabled]
compression-codecs [[string] | none]
customization-group [[string] | none]
defaults from [[name] | none]
deflate-compression-level [integer]
description [[string] | none]
location-specific [true | false]
tunnel-name [[string] | none]
edit connectivity [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list connectivity
list connectivity [ [ [name] | [glob] | [regex] ] ... ]
show running-config connectivity
show running-config connectivity [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
partition
show connectivity
show connectivity [name]
DELETE
delete connectivity [name]
DESCRIPTION
You can use the connectivity component to configure a connectivity
profile. By using the connectivity profile, you can configure L2 and L4
tunnels, compression, Windows and mobile client settings, and client
component downloads from F5 Networks and Citrix.
EXAMPLES
create connectivity myconnectivityprofile { }
Creates a connectivity profile named myconnectivityprofile that
inherits its settings from the system default connectivity
profile.
OPTIONS
adaptive-compression
Enables or disables adaptive compression. Use this option to
configure compression settings for application tunnels and to
optimize applications and RDP traffic. The default is enabled.
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
citrix-client-bundle
Specifies the Citrix client bundle used by this connectivity
profile. The default is default-citrix-client-bundle.
client-policy
Adds, deletes, or modifies the client policy for any of the
following clients:
android-ec Android Edge Client
android-ep Android Edge Portal
chromeos-ec Chrome OS Edge Client
ec Windows/OSX Edge Client
ios-ec iOS Edge Client
ios-ep iOS Edge Portal
Options (please refer to the SYNTAX section to see if a certain
option is supported for a particular client):
component-update
Specifies how the client handles automatic updates. The
options are:
yes Automatically installs a client update when one is
available.
prompt
Prompts the user about installing a client update.
No Disables the client from receiving automatic updates.
device-lock-method
Specifies the device lock quality that the client should
enforce on the device. The options are:
alphabetic
Device passcode must contain at least alphabetic (or
other symbol) characters.
alphanumeric
Device passcode must contain at least both numeric and
alphabetic (or other symbol) characters.
any A device passcode must be set but does not matter what
it is.
numeric
Device passcode must contain at least numeric
characters.
enable-mobilesafe
Enables or disable MobileSafe checks. Use this option to
configure whether client should execute the MobileSafe
security checks as part of the logon. The default is false.
enforce-device-lock
Specifies whether client should enforce a device passcode
policy on the device. The default is true.
enforce-logon-mode
Specifies whether client should enforce a logon mode on the
device. The default is false. Set to true if external logon
page is used.
logon-mode
Specifies logon mode to be enforced on the device. The
default is native. Set to web if external logon page is used.
enforce-pin-lock
Specifies whether client should enforce an app-level PIN
before allowing access to the app. The default is true.
location-dns
Specifies a list of DNS suffixes used by the Network Location
Awareness feature of the client. This list represents the
internal network where local resources are available without
the need of a Network Access connection. The default is none.
max-grace-period
Specifies the length of time (in minutes) the app was taken
to the background before the user will be asked for a PIN.
With the option set to 0, user will be asked for the PIN
every time the app is taken from the background. The default
is 2.
max-inactivity-time
Sets the length of time (in minutes) since the user last
touched the screen or pressed a button before the device
locks the screen. The default is 5.
min-passcode-length
Specifies the minimum required number of characters for the
device passcode. The default is 4.
require-device-auth
Specifies whether device authentication is needed before
accessing cached credentials. The default is false.
reuse-winlogon-creds
Specifies whether client can reuse logon credentials entered
by a user for a subsequent log in. The default is false.
reuse-winlogon-session
Specifies whether client should attempt to use the same
Windows logon session. The default is false.
save-password
Specifies whether client allows user password caching. The
default is false.
save-password-method
Specifies whether client saves encrypted passwords on disk or
caches passwords in memory only. The default is disk.
save-password-timeout
Specifies the number of minutes that a cached password
remains valid (applies only to in-memory password caching).
The default is 240.
save-servers-on-exit
Specifies whether client maintains a list of Access Policy
Manager systems that the client accessed. The default is
true.
servers
Specifies a list of server and alias pairs in the client's
server list.
compress-buffer-size
Specifies the size of compressed data for Network Access tunnels.
The default is 4096.
compress-cpu-saver
Specifies whether the system monitors the percentage of CPU usage
and adjusts compression rates automatically when CPU usage reaches
either the CPU saver high threshold or the CPU saver low
threshold. The default is true.
compress-cpu-saver-high
Specifies the percentage of CPU usage at which the system starts
automatically decreasing the amount of content being compressed,
as well as the amount of compression which the system is applying.
The default is 90 percent.
compress-cpu-saver-low
Specifies the percentage of CPU usage at which the system resumes
content compression at the user-defined rates. The default is 75
percent.
compress-gzip-level
Specifies the degree to which the system compresses the content.
Higher compression levels slow down the compression process. The
default is 6, which provides a higher amount of compression at the
expense of more CPU processing time. 1 is the lowest level and 9
is the highest level. 0 disables compression.
compress-gzip-memlevel
Specifies the number of kilobytes of memory that the system uses
for internal compression buffers when compressing data. You can
select a value between 1 and 256. The default is 8192.
compress-gzip-window-size
Specifies the number of kilobytes in the window size that the
system uses when compressing data. You can select a value between
1 and 128. The default is 16384.
compress-ingress
Specifies whether incoming data is compressed. The default is
false.
compress-preferred-method
Specifies the preferred method of data compression. The default is
zlib.
compression
Enables or disables compression between the client and the server.
The default is enabled.
compression-codecs
Specifies the available compression codecs for server-to-client
connections. The server compares the available compression types
you configure with the available compression types on the client,
and then chooses the most effective mutual compression setting.
Compression for the client is configured separately. The default
includes all three available codecs:
lzo Offers a balance between CPU resources and compression ratio,
compressing more than deflate, but with less CPU resources
than bzip2.
deflate
Uses the least CPU resources, but compresses the least
effectively.
bzip2
Uses the most CPU resources, but compresses the most
effectively.
customization-group
Specifies which customization groups are applied. This option is
required.
defaults-from
Specifies the profile from which this profile inherits properties
that are not specified explicitly. The default is connectivity.
deflate-compression-level
Specifies the level of compression performed by the deflate codec.
The default is 1.
description
Specifies a user-defined description for the connectivity profile.
location-specific
Specifies whether or not this object contains one or more
attributes with values that are specific to the location where the
BIG-IP device resides. The location-specific attribute is either
true or false. When using policy sync, mark an object as location-
specific to prevent errors that can occur when policies reference
objects, such as authentication servers, that are specific to a
certain location.
[name]
Specifies the profile that you want to use as the parent profile.
The new profile inherits all settings and values from the parent
profile.
tunnel-name
Specifies the name of the tunnel through which data passes. The
default is none.
SEE ALSO
apm profile, ltm virtual
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015. All rights
reserved.
BIG-IP 2015-12-03 apm profile connectivity(1)