APM Policy Two Factor Authentication external and AD authentication internally

Question

Is there a way to use RSA SecureID and two factor Authentciation when people are coming in from externally, but by parsing the ip network if the network is internal use AD authentication and RSA is not needed. All with the APM Access Policy?

michael_koyfma1 · Answer

Yes, of course.  Use the IP Subnet Agent to determine and branch out authentication options based upon source IP in the Visual Policy Editor.&nbsp;

thexfactor82_91 · Answer

We've done this for our SharePoint environment by creating two Virtual Servers on the LTM. The external clients use a two factor auth policy while internal users just AD. Our internal DNS resolve the sharepoint site for clients to one IP while our external DNS Servers advertise a different IP to external clients.

tbenner_148572 · Answer

I am going to try the IP Subnet Agent first.  I thought about creating two virtual servers, but want one due to security department putting in security access rules everywhere

Forum Discussion

APM Policy Two Factor Authentication external and AD authentication internally

3 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

iControl REST Authentication Token Management

Doing mTLS Authentication per URL

Two-Factor Authentication With Google Authenticator And APM

APM Sharepoint authentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS