The BIG-IP® Access Policy Manager® (APM) includes network access support for remote Linux clients. You can use APM® for secure remote access in mixed-platform environments. You do not need to preinstall or preconfigure any client software if the client allows installation of the required browser components.
The first time a remote user starts network access, the BIG-IP APM downloads a client component. This client component is designed to be self-installing and self-configuring, but the user must use Firefox to be able to install a plugin on Linux systems. If the browser does not support this requirement, the BIG-IP APM prompts the user to download the controller client component from the controller and install it manually.
Linux systems must also include PPP support (this is most often the case). When the user runs the network access client and makes a connection for the first time, the client detects the presence of PPPD (Point-to-Point Protocol Daemon), and determines whether the user has the necessary permissions to run it. If PPPD is not present, or if the user does not have permissions needed to run the daemon, the connection fails.
You can initiate connections through network access from Linux systems, by connecting to the virtual server address using a browser, or by starting the BIG-IP® Edge Client®.
BIG-IP® Access Policy Manager® supports all of the primary network access features on Macintosh and Linux clients, except for Drive Mappings and some client checks.
|Secure remote access to an internal network||Includes support for IP-based applications.|
|Split tunneling||Only network traffic that you specify goes through the network access connection.|
|IP address filtering with connection-based ACL||Allows you to restrict groups of users to specific addresses, ranges of addresses, and ports.|
|Allow local subnets||Includes forcing all traffic through the tunnel.|
|Application launching||You must configure the starting of remote client applications based on the operating system on the remote computers. You can configure all other features independent of the remote client operating systems.|