Forum Discussion

cd_312641's avatar
Icon for Nimbostratus rankNimbostratus
Aug 09, 2018

Portal Access / Webtop Portal Access



I am new to APM and I find difficult to understand how Portal Access and Webtop Portal Access works.


I have setup a Portal Access profile in full patching mode, which forces me to do the following:


  • Set the Publish on Webtop option within the Portal Access profile
  • Create a Webtop Portal Access and Apply it to the Access Policy branch
  • Create a Rewrite profile (parent rewrite-portal) and a Connectivity profile and apply thems to the VS

My understanding that was that the Portal Access profile was key to the solution because it is there that you set the Portal Access Resources with the given hostnames and paths of the applications you want to access.


However, in order to better understand how it worked, I tested the following:


  • Remove the Portal Access from the Access Policy branch (only Webtop Portal Access attached): both my two intranet websites were still accessible
  • Completely delete the Portal Access profile created : again, both my two intranet websites were still accessible

What is the use of Portal Access profile then ? It seems useless as Webtop Portal Access alone makes the solution to work.


1 Reply

  • The default behavior of APM is to allow requests and rewrite URLs according to rewrite profile.


    The Portal Access resource allow you to:


    • create a link when using full webtop
    • configure SSO for this URL
    • configure caching
    • configure compression
    • enable / disable Layer 7 logs

    When configuring APM in VPN SSL mode, I always create a ACL with order 1000


    • type L4
    • Source / destination :
    • Action : drop
    • Log : packet

    and assign it to all users.


    Then, all Portal access resources are defined with order less than 1000. If a user is not assigned this portal access resource, the connection is dropped with a Deny page.