Lab 2: Portal Resources

A full webtop provides an access policy ending for an access policy branch to which you can optionally assign portal access resources, app tunnels, remote desktops, and webtop links, in addition to network access tunnels.

In this lab we will explore how to configure a Portal Access Resource to perform reverse proxy functionality.

Section 1 - Setup Lab Environment

Task 1 - Deploy prebuilt objects

To access your dedicated student lab environment, you will require a web browser and Remote Desktop Protocol (RDP) client software. The web browser will be used to access the Lab Training Portal. The RDP client will be used to connect to the Jump Host, where you will be able to access the BIG-IP management interfaces (HTTPS, SSH).

  1. Click DEPLOYMENT located on the top left corner to display the environment

  2. Click ACCESS next to jumpohost.f5lab.local

    image001

  3. Select your RDP resolution.

  4. The RDP client on your local host establishes a RDP connection to the Jump Host.

  5. Login with the following credentials:

    • User: f5lab\user1
    • Password: user1

  6. After successful logon the Chrome browser will auto launch opening the site https://portal.f5lab.local. This process usually takes 30 seconds after logon.

  7. Click the Classes tab at the top of the page.

    image002

  8. Scroll down the page until you see 102 Webtop Features on the left

    image003

  9. Hover over tile Portal Resources. A start and stop icon should appear within the tile. Click the Play Button to start the automation to build the environment

    image004 image005

  10. The screen should refresh displaying the progress of the automation within 30 seconds. Scroll to the bottom of the automation workflow to ensure all requests succeeded. If you experience errors try running the automation a second time or open an issue on the Access Labs Repo.

    image006

Section 2 - Basic Portal Resource

Task 1 - Create a Webtop

  1. From a browser navigate to https://bigip1.f5lab.local

  2. Login with username admin and password admin

    image009

  3. Navigate to Access >> Webtops >> Webtop Lists >> click the Plus Sign(+).

    image010

  4. Enter the Name full-webtop

  5. From the Type dropdown menu select Full

  6. Click Finished.

    image011

Task 2 - Create a portal resource

  1. Navigate to Access >> Connectivity/VPN >> Portal Access Lists >> click the Plus Sign(+).

    image012

  2. Enter the Name files

  3. From the Link Type dropdown menu select Application URI

  4. Enter the Application URI http://files-master.f5lab.local

  5. Enter the Caption files*

  6. Click Create

    image013

Task 3 - Create a Connectivity Profile

  1. Navigate to Access >> Connectivity/VPN >> Connectivity >> Profiles >>click the Plus Sign(+).

    image014

  2. Enter the Name webtop-cp

  3. From the Parent Profile dropdown menu select /Common/connectivity

  4. Click OK

    image015

Task 4 - Add new profiles to an existing Virtual Server

  1. Navigate to Local Traffic >> Virtual Servers >> Virtual Server List

    image016

  2. Click webtop-https

    image017

  3. In Content Rewrite Section, select rewrite from the Rewrite Profile dropdown menu.

  4. In Access Policy Section, select webtop-cp from the Connectivity Profile dropdown menu.

  5. Click Update

    image018

Task 5 - Add a Webtop Resource to an existing Policy

  1. Navigate to Access > Profiles / Policies > Access Profiles (Per-Session Policies),

    image019

  2. Click on Edit for webtop-psp.

    image020

  3. Click the Plus Sign(+) in between the AD Auth policy item and the Allow Terminal .

    image021

  4. Click on the Assignment Tab

  5. Select the Advanced Resource Assign radio button

  6. Click Add Item

    image022

  7. Click the Add New Entry button.

  8. Click the Add/Delete button

    image023

  9. Click on the Portal Access tab

  10. Select the radio button for /Common/files

    image024

  11. Click on the Webtop tab

  12. Select the radio button for /Common/full-webtop

  13. Click the Update button at the bottom of the screen.

    image025

  14. Click Save.

    image026

  15. At the top left of the browser window, click on Apply Access Policy

    image027

Task 3 - Test the Configuration

  1. Open a New Incognito web browser and navigate to https://webtop.acme.com.

  2. Enter the following credentials:

    Username: user1
    Password: user1

  3. Click Logon.

    image028

    Note

    This will open the APM landing page that shows the resources you are allowed to access. In this lab, we’ve only configured a single resource but you can add as many as you want and they will appear on this Webtop page.

  4. Click the F5 Resource on the webtop

    image029

  5. The Files site opens in a new tab, but notice you are not redirected to http://files.f5lab.local. Instead you are being reverse proxied to the site through https://webtop.acme.com

image030

Section 3 - Lab Cleanup

Task 1 - Run Cleanup automation

  1. From a browser on the jumphost navigate to https://portal.f5lab.local

  2. Click the Classes tab at the top of the page.

    image002

  3. Scroll down the page until you see 102 Webtop Features on the left

    image003

  4. Hover over tile Portal Resources. A start and stop icon should appear within the tile. Click the Stop Button to trigger the automation to remove any prebuilt objects from the environment

    image004 image007

  5. The screen should refresh displaying the progress of the automation within 30 seconds. Scroll to the bottom of the automation workflow to ensure all requests succeeded. If you experience errors try running the automation a second time or open an issue on the Access Labs Repo.

    image008

  6. This concludes the lab.

    image000