Forum Discussion
cd_312641
Nimbostratus
NimbostratusPortal Access / Webtop Portal Access
Hello,
I am new to APM and I find difficult to understand how Portal Access and Webtop Portal Access works.
I have setup a Portal Access profile in full patching mode, which forces me to do the following:
- Set the Publish on Webtop option within the Portal Access profile
- Create a Webtop Portal Access and Apply it to the Access Policy branch
- Create a Rewrite profile (parent rewrite-portal) and a Connectivity profile and apply thems to the VS
My understanding that was that the Portal Access profile was key to the solution because it is there that you set the Portal Access Resources with the given hostnames and paths of the applications you want to access.
However, in order to better understand how it worked, I tested the following:
- Remove the Portal Access from the Access Policy branch (only Webtop Portal Access attached): both my two intranet websites were still accessible
- Completely delete the Portal Access profile created : again, both my two intranet websites were still accessible
What is the use of Portal Access profile then ? It seems useless as Webtop Portal Access alone makes the solution to work.
Stanislas_Piro2Cumulonimbus
The default behavior of APM is to allow requests and rewrite URLs according to rewrite profile.
The Portal Access resource allow you to:
- create a link when using full webtop
- configure SSO for this URL
- configure caching
- configure compression
- enable / disable Layer 7 logs
When configuring APM in VPN SSL mode, I always create a ACL with order 1000
- type L4
- Source / destination : 0.0.0.0/0
- Action : drop
- Log : packet
and assign it to all users.
Then, all Portal access resources are defined with order less than 1000. If a user is not assigned this portal access resource, the connection is dropped with a Deny page.