How do I setup users to use the F5 Big IP device? Follow

General Overview

On the new F5 Big IP devices, the icons and connection modules have been separated from the connection groups that were used by the F5 FirePass unit. This method allows for greater flexibility when setting up customer users, as modules can be added a la carte instead of as a bundle. Below are examples from the original F5 FirePass, and from the new F5 Big IP.

FirePass

Website: https://sc1.gtsonline.net or https://sc2.gtsonline.net

Group Name: F5Tablet

Rights: Connects the user to a specific datacenter (HIO or SLC) depending on the website above

Allows connection to the Secure Connect Website

                Provides an RDP connection to the hosted server

                Provides an SSL VPN portal

                Allows access to a shared folder (Xfer$) on their server via FTP

Big IP

Website: https://connect.gtsonline.net

Group Names:       F5_HIO or F5_SLC

                                F5_WebTop

                                F5_RDP

                                F5_SSLGateway

                                F5_XFER

Rights: Connects the user to a specific datacenter (HIO or SLC) depending on the datacenter group

                Allows connection to the Secure Connect Website/WebTop

                Provides an RDP connection to the hosted server

                Provides an SSL VPN portal for Mac and tablet connections

                Allows access to a shared folder via a mapped T: drive

 

Should a user need a change made to their access rights, an individual Big IP group can be added or removed without the need to create a new group with bundled permissions.

Configuration Options

Required Modules

All user accounts require the following modules regardless of any other access requirements:

F5_HIO or F5_SLC (Specifies the customer’s server location)

F5_WebTop

The above modules provide a framework for the icons necessary to allow the customer to access their server, files, etc. No icons will display on the WebTop without further modules being added.

Modules

RDP Access

For non-load balanced users to access their server through a remote desktop connection, the following module must be added to the required modules list:

F5_RDP

Additionally, an entry must added for the IP address of the user’s server in the Office field on the General tab of the user’s active directory account .

Without this entry, the RDP icon will not have an IP Address with which to direct the connection.

File Transfer

Some users need the ability to download files from their LX Online server or to upload files to their server. The F5 Big IP servers allows file transfers using a mapped drive feature. There are three steps necessary to enable this feature, first add the following module to the user’s active directory account:

F5_XFER

The second step is to setup a file share on the user’s LX Online server. This share can be located directly on their server or on another server if they are in a load balanced cluster. The default location for the share is in the C:\GTS\ACCDATA folder. Create a folder called Xfer, and then share is as Xfer$. Share permissions should be set to “Everyone”, with Full Control, while Security permissions should be set so that they only allow the user’s LX online group Full Control to the folder.

The final step is to enter the IP address of the server where the share resides in to the user’s active directory account. On the Telephone tab in Active Directory in the IP Phone field, enter the LX Online server IP address.

SSL VPN Gateway

Users who access their LX Online server using a Macintosh computer or one of the various tablets will need a direct connection through an SSL VPN gateway in order to access their server. The first step to accomplish this is to add the user the following module:

F5_SSLGateway

Macintosh and tablet users must install the Microsoft RD application in order to access their server. Additionally, tablet users must install the F5 Big Edge IP app in order to make the initial SSL connection.

Non-Production/Test server access

Some larger customers have a test server that they use to evaluate new features prior to allowing GTS to install the new GlasPac LX version on to their live server(s). In order to grant users access to their test server, add the following module to the user’s active directory account:

F5_NonProduction

Enter the test or demo server’s IP address in to the user’s active directory account on the Telephone number field on the General tab.

Load Balanced Customers

Most of the larger LX Online customers who have multiple servers use load balancing to gain better performance. In order for the F5 Big IP device to accurately load balance, an additional entry must be added to the user’s active directory account on the Department field of the Organization tab. See the entry below after the module listing:

F5_AllstarGlass_RDP                     allstarglass.lb.gtsonline.net
F5_Binswanger_RDP
                 binswanger.lb.gtsonline.net
F5_ClubAssist_RDP                       
clubassist.lb.gtsonline.net
F5_GlassAmerica_RDP                 
glassamerica.lb.gtsonline.net
F5_NovusUS_RDP                          
novus.lb.gtsonline.net
F5_Speedy_RDP                        speedy.lb.gtsonline.net

Glazier File Shares

A special file share has been setup for Glazier customers. This allows users to upload attachments easily to the server so that they can be entered in to GlasPac LX. The drive maps to V: on their local PC.

F5_Share

The office field is used to identify where the server share is located.

Special F5 Modules

Some groups will need a collection of RDP connections in order to work on several servers. The modules below have been created specifically for these groups and should only be applied to uses in those groups:

F5_DBA

GTS has contracted with a DBA to assist development in optimizing SQL. The DBA WebTop contains several Remote Desktop links to customer servers.

F5_ISCorp          

Several customers contract with IS Corp as a VAR for their Dynamics GP application. The ISCorp WebTop contains several Remote desktop links to customer servers and SQL instances.

F5_LYNX             

Lynx Services acts as an after-hours CSR resource for several LX Online customers. The LYNX WebTop has several Remote Desktop links to the customers they support.

No other modules need to be added to these users besides the required modules and the ones listed in this section.

F5 Modules and descriptions

Have more questions? Submit a request

Comments

Powered by Zendesk