fix azure

docs/class1/module1/lab1.rst

@@ -31,7 +31,7 @@ Click on **Access** from the Security menu, this should default to Policies.
 .. image:: images/lab1-selecttemplate.png
     :width: 600 px
 
-6. In the **Create PEr-Session Policy** screen, this is where you set the different properties of the policy, such as, logging, language, Single Sign On, etc… Let’s start configuring the policy by setting a policy name and policy parameters.
+6. In the **Create Per-Session Policy** screen, this is where you set the different properties of the policy, such as, logging, language, Single Sign On, etc… Let’s start configuring the policy by setting a policy name and policy parameters.
 
 In the **General Properties** screen set the following parameters, for the rest of the settings you may leave it as default.
 
@@ -81,11 +81,9 @@ After clicking on **Finish** it should bring you back to the Create Policy scree
 
 In Next Access we have two terms in the Visual Policy Designer (VPD); **Flows** and **Rules**. We set the Flows in the Visual Policy Designer (VPD) and within each Flow we can define multiple Rules.
 
-.. image:: images/lab1-createpolicy2.png
+.. image:: images/lab1-vpd-flow.png
     :width: 600 px
 
-
-
 14. As we use a template, the **flow** is already there. We must configure it now.
 
 15. Click on the **Collapse** button to see the content of the **flow**. You can see 2 rules.

docs/class1/module2/lab1.rst

@@ -19,39 +19,22 @@ Configuring a L3 DNS Resolver
 .. image:: images/lab2-myinstances.png
     :width: 600 px
 
-4. This will open the Instance Settings screen. On the left side, click on **Networking & Proxy**. Click on **Routes** tab from the menu across the top. 
+4. This will open the Instance Settings screen. On the left side, click on **Routing & Forwarding**. Click on **Default** VRF. 
 
-.. image:: images/lab2-routes.png
+.. image:: images/lab2-routingforwarding.png
     :width: 600 px
 
-5. Click on **Start Adding Routes**
+5. Enable **DNS Resolver** and add a new entry
 
-6. We will add a new **L3 Forward Type** DNS resolver. In the New Route screen, please enter the following parameters.
+* Name : global_f5_internal_net_resolver
+* Forward Zone : create a new zone
 
-- **Name:** global_f5_internal_net_resolver 
-- **VLANs:** external-vlan, internal-vlan
-- **Config:** L3 DNS Cache Net Resolver
+  * forwardZone : . <- this is a period or single dot
+  * nameserver : 10.1.1.6:53
 
-.. image:: images/lab2-l3fwd.png
+.. image:: images/lab2-dnsresolver.png
     :width: 600 px
 
-7. In the same screen, scroll down to **Forward Zone** in the L3 DNS Cache Net Resolver, and click **Create**. Enter the following parameters.
-
-- **Forward zone:** .  This is a period or single dot
-- **Nameserver:** 10.1.1.6:53
-
-.. image:: images/lab2-dnscache.png
-    :width: 600 px
-
-8. Scroll down to **L3 Forward Type**, set the following parameters.
-
-**L3 Forward Type:** netResolver
-**Name:** global_f5_internal_net_resolver
-**Select:** Use IPv4, Use TCP, Use UDP
-
-.. image:: images/lab2-l3types.png
-    :width: 600 px
-
-9. Click **Save**, and then click **Cancel & Exit** to exit out of the Instance Setting screen.
+9. Click **Save** and **Save**, and then click **Cancel & Exit** to exit out of the Instance Setting screen.
 
 This ends this section of the lab, onto the next. 

docs/class1/module2/lab2.rst

@@ -19,19 +19,21 @@ Click on the **Access** from the Security menu.
 .. image:: images/lab2-accessbtn.png
     :width: 600 px
 
-3. Click the **Start Creating** button to create a new Access policy 
+3. Click the **Start Creating** button to create a new Access policy, or the **create** button on top right corner.
 
 .. image:: images/lab2-createapbtn.png
     :width: 600 px
 
-4. This will open Access Visual Policy Design screen. Click on the pencil next to create new policy.
 
-.. image:: images/lab2-createpolicypencil.png
+4. This will open Access Visual Policy Design screen. Select **Per-Session** and **using a policy template**. Select template **SAML as Service Provider**
+
+.. image:: images/lab2-selecttemplate.png
     :width: 600 px
 
-5. In the **Create Policy** screen, let's start configuring the policy.
+5. In the **Create Per-Session Policy** screen, this is where you set the different properties of the policy, such as, logging, language, Single Sign On, etc… Let’s start configuring the policy by setting a policy name and policy parameters.
+
+In the **General Properties** screen set the following parameters, for the rest of the settings you may leave it as default.
 
-In the **General Properties** screen set the following parameter(s), for the rest of the settings you may leave it as default.
 
 - **Policy Name:** signed_azure_policy
 - Click **Continue** 
@@ -78,53 +80,38 @@ Click on the drop-down arrow on the **Start Creating** button and select **Kerbe
 
 12. **Resources screen**, you can set additional capabilities and features such as Network Access, and Webtops in this screen. In this lab we will not use these capabilities. Click Continue.
 
-13. **Policy Endings**, you can define addition policy ending logic as needed for your use case here. In this lab we will accept the default. Click Finish.
+13. **Connectivity** you can set the SSL VPN (Network Access) connectivity settings. Keep as default and click **Continue**
 
-14. After clicking on **Finish** it should bring you back to the **Create Policy** screen. Now, we will use the Visual Policy Designer (VPD) to continue building the policy.
+14. **Policy Endings**, you can define addition policy ending logic as needed for your use case here. In this lab we will accept the default. Click Finish.
 
-15. Under Flows, drag and drop **Generic SAML Federation** flow to the VPD. You will need click on the little dots to the right of the flow type to grab the flow and drop into the VPD. 
+15. After clicking on **Finish** it should bring you back to the **Create Policy** screen. Now, we will use the Visual Policy Designer (VPD) to continue building the policy.
 
-.. image:: images/lab2-samlflow.png
-    :width: 600 px
+In Next Access we have two terms in the Visual Policy Designer (VPD); **Flows** and **Rules**. We set the Flows in the Visual Policy Designer (VPD) and within each Flow we can define multiple Rules.
 
-:bulb: **Tip:** When dropping the flow type onto the VPD, you want to make sure the flow type box is over the plus sign and the plus sign turns blue.
-
-.. image:: images/lab2-flowdraganddrop.png
+.. image:: images/lab2-vpd-flow.png
     :width: 600 px
 
-The result should look like the following screen shot.
+16. As we use a template, the **flow** is already there. We must configure it now.
 
-.. image:: images/lab2-flow1.png
-    :width: 600 px
+17. Click on the **Collapse** button to see the content of the **flow**. You can see 2 rules.
 
-16. Click inside the Flow type box. This show 3 buttons; **Delete**, **Edit**, and **Collapse** buttons. Click on the **Collapse** button to start adding Rules to the Flow.
-
-.. image:: images/lab2-flow2.png
+.. image:: images/lab2-flowrules.png
     :width: 600 px
 
-Clicking on the **Collapse** button will expand the Flow type box.
+18.  Edit inside the **SAML-Federation** Rule box
 
-.. image:: images/lab2-flow3.png
+.. image:: images/lab2-edit-saml.png
     :width: 600 px
 
-17. Click inside the SAML-Federation Rule box, and select the **Edit** button
-
-.. image:: images/lab2-flow4.png
-    :width: 600 px
+This will open the SAML Federation Rule properties screen. Please follow the images below for each section.
 
-This will open the **SAML Federation Rule** properties screen. Please follow the screenshots below for each section.
 
-18. In the **SAML Rule Properties** configuration, replace the trailing number in the Name field to **azure_signed_policy**. Leave the **Provider Configuration** as **Basic**. Click **Continue**.
+19.  In the **SAML Rule Properties** configuration, replace the trailing number in the Name field to **azure_signed_policy**. Leave the **Provider Configuration** as **Basic**. Click **Continue**.
 
 .. image:: images/lab2-ruleprop1.png
     :width: 600 px
 
-19. In the **Providers** screen, you can set the different Service and Identity Providers in this screen. In this lab we will setup both a Service Provider and Identity Provider.
-
-.. image:: images/lab2-ruleprop2.png
-    :width: 600 px
-
-20. Click on **Start Creating** under Service Provider. In the **Add Service Provider** screen input the following information, and then click **Save**.
+20. In the **Rule Configuration**, **Providers** screen, this is where you can configure Service Provider and Identity Provider. A generic SP is already set. **Edit** it
 
 - **EntityID:** https://mbip-1.f5access.onmicrosoft.com 
 - **Host:** https://mbip-1.f5access.onmicrosoft.com 
@@ -147,17 +134,7 @@ This will open the **SAML Federation Rule** properties screen. Please follow the
 
 23. In the **Branches** screen, keep the default. Click **Finish**.
 
-24. Close the SAML Rule by clicking on the **Collapse** button.
-
-.. image:: images/lab2-samlclose.png
-    :width: 600 px
-
-25. In the SAML Flow Allow branch, set the policy to **Allow**.
-
-.. image:: images/lab2-samlending.png
-    :width: 600 px
-
-26. **Save** the policy and close the VPD by clicking on **Cancel**.
+24. **Save** the policy and close the VPD by clicking on **Exit**.
 
 You have completed creating an security policy!