Forum Discussion
omar_padilla
Altocumulus
AltocumulusAPM - app tunnel restrict
Hello, dear, I would like you to help me understand the app tunnel in apm, it turns out that I have a simple access policy that has an advanced resource assiggn and there I have configured an app tunnel and a network access, the apptunel exposes a web application, but what I need is that only the users that connect by vpn access that resource, or some way that I can access the internal ip, is this possible? Because as I see the network access and the app tunnel cannot be used at the same time, then how do I restrict this application? , This web application is something like http://10.3.0.128 where the segment 10.3.0.0/24 is the internal vlan, obviously I have no connection when I enter the tunnel app because I am in an external network, then I would have to put an ip of the external vlan (virtual server), or is it that I am making a mistake in my configuration, then I was not clear about how the tunnel app works, what is the benefit, thanks for the help
This application cannot be published with a web portal because it brings problems with the service, so I need to do it through app tunnel
spalandeNacreous
F5 should have connectivity to internal resource. It doesn't need to be exposed to outside (external) VLAN. Apptunnel needs to be configured using the destination (either IP or hostname) of target resource, port, parameter and path of the application (optional) e.g. if it's VMware horizon client, path of the application can be set. Finally apptunnel needs to be published on the webtop.
You can refer more info here
https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-application-access-11-4-0/1.html