Forum Discussion

Cirrostratus

Jan 20, 2016

disable re-auth for NA accesses to internal resources protected by Access Policies (2FA)

Hi I have this use-case: users connect to an APM (Network Access). No SNAT so the client virtual IP is then routed in the internal network. They must access some internal resources which are pro...

BIG-IP Access Policy Manager (APM)

security

Josiah_39459

Historic F5 Account

Jan 21, 2016

Alex, is the VPN a full tunnel? Or a split tunnel and the APM resources are inside the VPN? If the traffic comes through the VPN it shouldn't have to reauthenticate for those other VIPs. The only reason it would have to reauthenticate is if it didn't go through the tunnel and went directly to them, because it wouldn't send the session cookie. In that case, you could share the session cookie between the vips using a domain cookie.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)