Configuring a Per-App VPN Using F5 App Tunnels

Hi Piotr! Good questions...find responses in line.

• Launching Chrome is just to show that it's possible to launch a specific app when using App Tunnel - to access Webtop we need anyway to use some browser - Am I right?

Steve - You are correct. I used Chrome as one example but one of the most common use cases I see in my customer base is using putty to access a network device over SSH. So, in that case, you would use putty as the program versus Chrome but honestly, you can launch almost any app that you know will be installed on the workstation of the user that will be using the app tunnel.

• BIG-IP Management accessed via App tunnel is on the same BIG-IP where App Tunnel is defined or it's another BIG-IP?

Steve - In this example, I am accessing the BIG-IP management UI of the same device though it doesn't have to be. When you define a resource it can be the same device or different. To be transparent regarding my use case, I actually got frustrated using portal access because of the javascript rewrites required which caused a bit of latency. Certainly, for most apps that is not an issue but in my case I wanted to find a solution that could provide an encrypted tunnel internally without exposing something via virtual server (though you can). I will say though one downfall of using apptunnels is the lack of SSO which portal access does provide. Hope this helps but if it doesn't lets keep tthe conversation going. Let me know.