Forum Discussion
APM - configure local ip / port of App tunnel
is it possible to configure the local ip and local port for an App tunnel? like it was possible in the Firepass. or is this something which is determined by the software and can't be configured?
from some test i usually get the ip 127.0.0.5 and sometimes a port number 1 higher then the destination port.
according to F5 support not possible.
- Lucas_Thompson_Historic F5 Account
To add a little more information here: It can't be configured. In APM, apptunnels operate differently than Firepass.
APM App tunnel has 3 access possibilities:
1-You can access using direct backend IP if you have F5 DNS Relay Service installed.
2-You can access using hostname if a) the definition is made with a hostname, and b) hostname is resolvable at connect time by APM, and c) either DNS Relay Service is installed OR user has permission to write to the local hosts file
3-You can access using the loopback IP (127.x.x.x) and port of the apptunnel. This is what's populated in the %host% and %port% in the Application Launch area. Unfortunately there is no way to predetermine what this 127.x address will be.
Also, F5 DNS Relay Service is NOT installed automatically, you must manually install it with the Edge Client installer.
thank you lthompson, from what you tell me the F5 DNS Relay Service picks up IP and DNS requests towards the backend server I configure right?
so for example, if i configure an App Tunnel with the destination IP 10.10.10.10 i should be able to locally connect to 10.10.10.10 and it will be send to the backend server? even if 10.10.10.10 is known on my local network?
should ports be mapped 1 on 1? would the above logic also go for ports, if i just connect to the right IP:port it will redirect correctly?
- Lucas_Thompson_Historic F5 Account
Yes exactly. So if your backend (from APM perspective) is 10.10.10.10:22 (for ssh, say), then if you use apptunnels and have DNS relay service installed in the client, your user can connect to 10.10.10.10:22 (from client perspective). DNS relay service uses Detours to accomplish this magic.
- Robert_47833Altostratus
hi ,lthompson my APM has a simliar issue now. it is App tunnel for ssh ,it works great in windows,but Mac client can't in Mac client,it liesten in 1024,1025.and so on., If I want to access one ssh server behind APM,I need to type "ssh localhost -p 1024 " how to fix this ,I only want user to type "ssh real-ssh-server-ip" in their Mac client
- Robert_47833Altostratus
how to download Edge Client installer for Mac? where is the link?
- Oscar_141263Nimbostratus
12.1.2 has tmsh commands local-ip and local-port-range
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com