Forum Discussion

Dave_Nulty's avatar
Dave_Nulty
Icon for Altocumulus rankAltocumulus
Sep 19, 2019
Solved

APM - Change the interface name used for VPN-SSL on windows

I need to change the interface/adpater name from what is created to something a little more user friendly. I have found article K95422068 but it doesn't seem to work for me, could someone explain how to best implement the Variable assign to the policy and the correct syntax to use?

 

Thanks

APM
application delivery
BIG-IP

3 Replies

Sort By
    • Dave_Nulty's avatar
      Dave_Nulty
      Icon for Altocumulus rankAltocumulus
      Sep 20, 2019

      Hello Dave

       

      the specific thing si@m trying to do is change the virtual adapter name from _Common_nal_SSLVPN to something like Company_VPN. The syntax I've found to use is

       

      Configuring the access policy to use custom variableTo configure the access policy with a custom variable to specify the name the client uses for the F5 VPN adapter, perform the following procedure: 

      Impact of workaround: Performing the following procedure should not have a negative impact on your system. However, F5 recommends testing any such changes during a maintenance window with consideration to the possible impact on your specific environment.

      1. Log in to the BIG-IP Configuration utility.
      2. Navigate to Access > Profiles / Policies > Access Profiles (Per-Session Policies).
      3. Note: For versions prior to BIG-IP 13.0.0, navigate to Access Policy > Access Profiles > Access Profiles List.
      4. Click Edit for the affected access policy to open the Visual Policy Editor.
      5. On a branch after the Logon policy item but before the resource is assigned, click the (+) icon to add an item.
      6. Click the Assignment tab.
      7. Click Variable Assign.
      8. Click Add Item.
      9. On the Properties page for the policy item, for Name, type a name for the policy item.
      10. Click Add new entry.
      11. Under Assignment click change.
      12. In the Custom Variable box, enter the following variable name syntax:
      13. config.connectivity_resource_network_access./Common/<network_access_resource_name>.client.ConnectionTrayIcon
      14. Note: Replace <network access resource name> with the name of the network access resource.
      15. In the Custom Expression box, enter the following expression syntax:
      16. return "</ConnectionTrayIcon><connection_name_txt>F5VPN</connection_name_txt><ConnectionTrayIcon>"
      17. Note: Replace <connection_name_txt> with the name of the adapter that the client creates.
      18. Click Finished.
      19. Click Save.
      20. Click Close to close the Visual Policy Editor.
      21. Select the check box next to the access policy you just edited.
      22. Click Apply Access Policy.

       

      The next time the VPN is established, a new virtual adapter entry is created with the name provided in <connection_name_txt> tag.

       

      so

       

      config.connectivity_resource_network_access./Common/nal_SSLVPN.client.ConnectionTrayIcon

       

      to

       

      return "</ConnectionTrayIcon>Company_VPN<ConnectionTrayIcon>"

       

      is that correct?

       

      Thanks