DUO and F5 ASM integration

Question

Hi All - We want to enable 2 factor authentication for our ASM devices using DUO, these do not have APM licenses enabled. I am only able to find documentation on enabling 2 factor using APM, how do i do it without APM. Please help. &nbsp;
I know that we can enter password, push or password, phone while logging in and that is what we are looking for. Please let me know what needs to be done on DUO end as well. &nbsp;

niels_van_sluis · Answer

When you say you want to enable 2FA for your ASM devices using DUO, do you mean that you want to use this for administrative users? If so you can use the Duo Authentication Proxy (DAP). The DAP is basicly a RADIUS server. On the DAP you can configure for example AD authentication as the first factor and DUO push or sms for the second factor. I've tested this and it works. However the response (ack) for the second factor needs to be acknowleged pretty fast, otherwise the F5 will timeout. I've not yet found out if it's possible to increase this timeout.&nbsp;
Also see: https://support.f5.com/csp/article/K17403&nbsp;

Forum Discussion

DUO and F5 ASM integration

Recent Discussions

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

Related Content

APM Configuration to Support Duo MFA using iRule

Making Mobile SDK Integration Ridiculously Easy with F5 XC Mobile SDK Integrator

Access Troubleshooting: BIG-IP APM OIDC integration

Duo Authentication Proxies

Integrating the F5 BIGIP with Azure Sentinel

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS