Forum Discussion

Jeremi's avatar
Jeremi
Icon for Nimbostratus rankNimbostratus
Jan 30, 2019

F5 APM logon page redirecting to a second F5 APM

Hello all,   I am trying to achieve the following flow: - A first F5 (external) showing an Logon page with radius authentication (OTP behind) which redirect to the second F5 - A second F5 (intern...
application delivery
BIG-IP Access Policy Manager (APM)
iRules
youssef1's avatar
youssef1
Icon for Cumulonimbus rankCumulonimbus
Jan 31, 2019

Hi,

 

in your case, your problem is the architecture deployed to reach your service.there are indeed solutions to overcome your problem but why do complicated when you can do simple.

 

First, avoid cascading APM policies.

 

So for your External Services (External Users) implements this policy:

 

  • External F5 : create a basic VS without APM policy just forward flow to internal VS.

     

  • Internal F5: create a policy with radius auth + AD auth. This internal VS can be reach only from outside (External F5)

     

So fo your Internal Services (Internal Users) implements this policy:

 

  • Internal F5: create a policy with AD auth. Internal DNS will fw user on this VS instead external VS.

Hope it's clear for you. Keep me in touch