APM - How to assign user specific lease pool to network access policy?

Question

We need to implement our vpn policy on APM network access policy.&nbsp;
Our security policy states, each individual person needs to be assigned with an individual user account and an individual ip address. As far as I understand the APM network this results in individual pool configuration along with individual profiles.&nbsp;
Would anyone have faced this requirement too? Would there be a dynamic assignment with say radius authorization or user mapping to reduce the amount of profiles in APM?&nbsp;
Any suggestions welcome!&nbsp;

iaine · Answer

Are you able to query AD...? If so, you could store the IP address in the user object as a custom attribute. Then, as part of the login sequence, query AD to extract the IP and then use that as the client IP

cay_jeglinski_1 · Answer

Thank you for your post iaine!&nbsp;
Yes I followed the same idea. I query the AD for the user memberOf attribute. Each of the security groups used follows a separate leg of the AD query. Then an iRule assigns pools due to the access policy call. The pool name corresponds with the AD username and now this works fine. &nbsp;

Forum Discussion

APM - How to assign user specific lease pool to network access policy?

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

SSL cipher

iApps with load ucs Platform-migrate on newer hardware

Raise your hand if you'll be at AppWorld 2026

Using Terraform to update / modify an existing iRule

getting compiling error when enabling Nginx App_potect

Related Content

Fine-Tuning F5 NGINX WAF Policy with Policy Lifecycle Manager and Security Dashboard

Using Distributed Application Security Policies in Secure Multicloud Networking Customer Edge Sites

What is Multi-Cloud Networking?

LTM Policy

APM-Specific Features for Securing Your Website

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS