Forum Discussion
EastCoast_16835
Altostratus
Feb 10, 2017APM: Issue with RSA Authentication
I have a question on the published APM documentation for RSA.
We follow the standard setup described below for integrating RSA and AD authentication.
https://support.f5.com/kb/en-us/products/big-ip_a...
stan_piron
Cumulonimbus
Feb 11, 2017Hi,
this is the default behavior.
when authentication fails and user is prompted to authenticate again, all boxes result and branches between logon page and authentication box are cached and not evaluated anymore.
if you want to support both AD auth and RSA Auth in the same logon page, you must create a macro with "loop count" set to 3 (number of loop before reject connection) and set AD auth max attempts to 1
- if RSA Auth fails --> ending
loop - if AD Auth fails --> ending
loop - if both RSA and AD Auth success --> ending
success
rename ending
out to success when you create the macro
ending loop is created when you set
loop count to 3 in macro properties.
then, when you insert the macro in the VPE tree, the loop branch must lead to
deny ending.Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects