APM Configuration With Authentications Against Priority ERP & Duo MFA

Question

Hi Team,I have the following scenario and I am looking for ways to implement DUO MFA via APM:Customer have Priority ERP On-Prem Server with SQL DB, users that connect to Priority login page are authenticated locally with SQL query. I know that SQL query is not supported by big-ip to authenticate users. Now we want to add DUO 2FA to login.I have followed the arcitle&nbsp;APM Configuration to Support Duo MFA using iRule&nbsp;and was wondering if there is a way to implament the solution with my scenario? I tried with AD Authentication and it works perfect. The problem is as i mentioned users authenticate localy at the server.The issue is what are my options for First Authentication Factor? I need a way for APM first to pass the user to Priority logon page and after successfull login redirect to DUO 2FA. I have tried to configure "External Logon Page" BUT encountered an endless loop between https:/APM_URL/.my.policy and the logon page.Can anyone advise which options I have with APM to implament the solution?&nbsp;Kind Regards,Max

maxt · Answer

I have tried but there is an issue with customers application, we end up with a redirect loop.

I have wrote an sideband connection iRule to do POST request with users credentials and check the status code from the server.

It works perfectly.

maxt · Answer

I found a solution but getting a hard time to write the right iRule.

I can make API call to the server with iRule sideband Connection to make POST with users credentials.

The flow will be:

https://APM_PORTAL_LOGON/.my.policy ------ > user POST credentials ------- > sideband iRule Event to collect users credentials and POST to server for validation ----- if GOOD proceed to DUO.

Does anyone has iRule sideband connection to validate users credenials ?

momahdy · Answer

Hi Maxt,
Have you tried using External Logon page ? https://techdocs.f5.com/en-us/bigip-15-0-0/big-ip-access-policy-manager-visual-policy-editor/access-policy-item-reference/about-logon-items/about-the-external-logon-page.html

Forum Discussion

APM Configuration With Authentications Against Priority ERP & Duo MFA

3 Replies

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

APM VPN LDAP POOL can't contact ldap server.

LTM issue Openning new web browser tab

Issues Integrating Compass Mobile Tree with F5

SSO login for APM Profiles

Can F5 restrict the file types transferred via FTP?

Related Content

Configuring APM Client Side NTLM Authentication

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Configuring Smart Card Authentication to BIG-IP Management Interface

wccp configuration for SSL Orchestrator

iControl REST Authentication Token Management

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS