On the new F5 Big IP devices, the icons and connection modules have been separated from the connection groups that were used by the F5 FirePass unit. This method allows for greater flexibility when setting up customer users, as modules can be added a la carte instead of as a bundle. Below are examples from the original F5 FirePass, and from the new F5 Big IP.
Group Name: F5Tablet
Rights: Connects the user to a specific datacenter (HIO or SLC) depending on the website above
Allows connection to the Secure Connect Website
Provides an RDP connection to the hosted server
Provides an SSL VPN portal
Allows access to a shared folder (Xfer$) on their server via FTP
Group Names: F5_HIO or F5_SLC
Rights: Connects the user to a specific datacenter (HIO or SLC) depending on the datacenter group
Allows connection to the Secure Connect Website/WebTop
Provides an RDP connection to the hosted server
Provides an SSL VPN portal for Mac and tablet connections
Allows access to a shared folder via a mapped T: drive
Should a user need a change made to their access rights, an individual Big IP group can be added or removed without the need to create a new group with bundled permissions.
All user accounts require the following modules regardless of any other access requirements:
F5_HIO or F5_SLC (Specifies the customer’s server location)
The above modules provide a framework for the icons necessary to allow the customer to access their server, files, etc. No icons will display on the WebTop without further modules being added.
For non-load balanced users to access their server through a remote desktop connection, the following module must be added to the required modules list:
Additionally, an entry must added for the IP address of the user’s server in the Office field on the General tab of the user’s active directory account .
Without this entry, the RDP icon will not have an IP Address with which to direct the connection.
Some users need the ability to download files from their LX Online server or to upload files to their server. The F5 Big IP servers allows file transfers using a mapped drive feature. There are three steps necessary to enable this feature, first add the following module to the user’s active directory account:
The second step is to setup a file share on the user’s LX Online server. This share can be located directly on their server or on another server if they are in a load balanced cluster. The default location for the share is in the C:\GTS\ACCDATA folder. Create a folder called Xfer, and then share is as Xfer$. Share permissions should be set to “Everyone”, with Full Control, while Security permissions should be set so that they only allow the user’s LX online group Full Control to the folder.
The final step is to enter the IP address of the server where the share resides in to the user’s active directory account. On the Telephone tab in Active Directory in the IP Phone field, enter the LX Online server IP address.
SSL VPN Gateway
Users who access their LX Online server using a Macintosh computer or one of the various tablets will need a direct connection through an SSL VPN gateway in order to access their server. The first step to accomplish this is to add the user the following module:
Macintosh and tablet users must install the Microsoft RD application in order to access their server. Additionally, tablet users must install the F5 Big Edge IP app in order to make the initial SSL connection.
Non-Production/Test server access
Some larger customers have a test server that they use to evaluate new features prior to allowing GTS to install the new GlasPac LX version on to their live server(s). In order to grant users access to their test server, add the following module to the user’s active directory account:
Enter the test or demo server’s IP address in to the user’s active directory account on the Telephone number field on the General tab.
Load Balanced Customers
Most of the larger LX Online customers who have multiple servers use load balancing to gain better performance. In order for the F5 Big IP device to accurately load balance, an additional entry must be added to the user’s active directory account on the Department field of the Organization tab. See the entry below after the module listing:
Glazier File Shares
A special file share has been setup for Glazier customers. This allows users to upload attachments easily to the server so that they can be entered in to GlasPac LX. The drive maps to V: on their local PC.
The office field is used to identify where the server share is located.
Special F5 Modules
Some groups will need a collection of RDP connections in order to work on several servers. The modules below have been created specifically for these groups and should only be applied to uses in those groups:
GTS has contracted with a DBA to assist development in optimizing SQL. The DBA WebTop contains several Remote Desktop links to customer servers.
Several customers contract with IS Corp as a VAR for their Dynamics GP application. The ISCorp WebTop contains several Remote desktop links to customer servers and SQL instances.
Lynx Services acts as an after-hours CSR resource for several LX Online customers. The LYNX WebTop has several Remote Desktop links to the customers they support.
No other modules need to be added to these users besides the required modules and the ones listed in this section.
F5 Modules and descriptions