Forum Discussion
5 Replies
Hi! By on the go I assume that they can have any public IP, or do they have a static IP via your internal Wifi?
If it's via your wifi it's fairly simple. I assume you have a virtual server already with an application running? Is it possible to create a new one?
Assuming that you have a static IP via the internal Wifi you can do this.
Create this iRule (configure according to comments):
when HTTP_REQUEST { Replace 190.10.0.1 with your office IP and tablet.domain.com with the domain you want to use for the tablet users. if { [IP::addr [IP::client_addr] equals 190.10.0.1] and [HTTP::host] eq "tablet.domain.com" } { This will be the pool for the tablet application pool tabletpool } else { This would be the pool you used for everything else pool theusualpool } }
If you can create a new virtual server you can just use a modified version of the iRule above:
when HTTP_REQUEST { Replace 190.10.0.1 with your office IP and tablet.domain.com with the domain you want to use for the tablet users. if { [IP::addr [IP::client_addr] equals 190.10.0.1] } { This will be the pool for the tablet application pool tabletpool } else { Drop all other requests drop } }
Hope I understood you correctly, good luck!
/Patrik
- vmwaretrain_137Nimbostratus
Hi Patrik,
I need to start at the very beginning. No virtual server created. I do not know how to create one. No application associated with the virtual server. The devices will connect from any public IP address. I need to know all of the steps.
- Then I assume that it'd be ok for the application to be accessible by anyone on the internet and not only your corporate users?
- vmwaretrain_137Nimbostratus
Yes - They would need to authenticate to the application (No AD , LDAP, RADIUS)
Check here for a list of deployment guides: https://f5.com/solutions/deployment-guides
Choose the guide that fits your components the best ie, Microsoft Internet Information Services + v11, and follow it as well as you can.
Your scenario seems to be a pretty much straight forward solution covered by the docs in that list.
Short version of what you need to do it:
- Create nodes (the server IP's that hosts your application). Local Traffic -> nodes
- Create a pool and assign those nodes as members. Local Traffic -> Pools
- If the application will run over ssl, you need to import an SSL certificate + key or create a self signed one (self signed is NOT recommended for security reasons). System -> File Management -> SSL Certificate list
- Create an SSL profile and assign the certificate + key in the drop down menus. Local Traffic -> Profiles -> SSL -> Client.
- Create a virtual server and chose the public IP you want to use for the people accessing the application. -> Local Traffic -> Virtual servers
- In the Virtual traffic creation form, choose HTTP profile "HTTP", choose the SSL Client profile you just created, choose the pool you created earlier as default pool
- If your application servers does not use the load balancer as default gateway you need to specify "automap" in the "Source translation" option when creating the virtual server. Please note that this would hide the client IP's in the web server logs unless you enable X-Forwarded-For and make sure that web servers can log that header value.
Note that this short guide would assume that you have everything correctly setup in terms of networking on the load balancer (self IP's, VLANs, routes, etc).
But I would still check out the deployment guide. :)
Good luck!
/Patrik