Forum Discussion

Nimbostratus

Aug 04, 2025

F5 APM 2FA through SMTP

Hello, We need to perform 2FA but by using F5 only, we don't have other MFA solutions like Duo, Google Authenticator,.... So can we use F5 to generate token and send it to the user using his ...

Nacreous

Aug 04, 2025

Hi User100000

you can just use the appropriate template which you can find as macro inside VPE

just replace AD Query and Auth with Local DB and create an SMTP configuration

For trial MFA you can check DUO or Microsoft Entra
Entra might be a free option as well but without conditional access etc.

For a complete free MFA solution you could use Keycloak as IDP and use saml or oauth federation with APM

User100000
Nimbostratus
Aug 09, 2025
Thanks,

Do you have the exact steps needed to use F5 on its own for OTP, to send the token generated from it to the user through SMTP?
- Injeyan_Kostas
  Nacreous
  Aug 09, 2025
  As said there is already a macro template which you can use in your APM policy for this exact reason.
  create a new policy
  add a new macro
  select macro template "AD query auth OTP by email and resources"
  add this macro to the actual policy
  
  The only thing you have to configure yourself is your authentication method, macro uses AD but you can use local DB too, and the SMTP configuration under "System ›› Configuration : Device : SMTP"
  - User100000
    Nimbostratus
    Aug 10, 2025
    I need to send email address to the user
    
    the user exist on local database, what we need to do that when the user log, F5 gets the email address of the user who login and send the OTP to this email,
    
    How to map this in the policy by getting the email address according to the login user from the local database?