Forum Discussion

Nimbostratus

May 30, 2014

Best Practice for SAML, F5

I currently have a situation where the team as designed the following for SAML: Active/Passive If server A goes dead, server B becomes active. When server A comes back online, I now have an act...

design

security

R_Eastman_13667

Historic F5 Account

May 30, 2014

I think that you should probably have both active at all times and configure your pool load balancing to use both based on your requirements. If one node in the pool goes down, traffic will be routed to the remaining active node in the pool. Any connections to the inactive node when it failed will be routed to the active node in which users will have to re-authenticate with the SAML IdP. When the inactive node comes back online, it will be available for new connections. Existing connections to the active node will continue.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Best Practice for SAML, F5

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How APM GET IOS UUID & Andriod MAC

Expired client-certificate

F5 Big-IP Trust Internal CA Chain certificates for Web Servers

XC - geo LB to the origin servers

Floating Ip Problem

Related Content

AS3 Best Practice

F5 Certified Practice Exams

Five Ways to Automate F5OS with Ansible: A Practical Guide

Cipher Suite Practices and Pitfalls

Security Best Practices for BIG-IP & BIG-IQ systems

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS