F5 APM+LTM, DHCP Question...

Question

Hey,&nbsp;
is it possible to implement apm+ltm in a lan environment without establishing vpn tunnel.
for example a policy of:&nbsp;
apm login page &gt; ad authentication &gt; display different network resources according to the ad group.
and when a client chose one of them, instead of establishing an ssl-vpn session, provide him with a dhcp address according to what he chose (by f5 internal lease pool or my company's dhcp server).
the default gateway is source based route.&nbsp;
thanks
Or.&nbsp;

amolari · Answer

It's not possible. Network access resource are VPN-SSL tunnels&nbsp;

m_quevedo · Answer

You can get an IP from DHCP in an APM Access Policy using this solution:&nbsp;
Get IP Addresses from DHCP for APM VPN Clients/Network Access Tunnels&nbsp;
Once you have an address, making the client use it is another project.  You could make the client run a script to change its IP.  That can only work when the client is homed on the same subnet as the new IP (or with some fancy infrastructure).&nbsp;

Forum Discussion

F5 APM+LTM, DHCP Question...

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

SSL cipher

CPU utilization of F5OS on r2600

F5OS VLAN naming length restrictions

iApps with load ucs Platform-migrate on newer hardware

Raise your hand if you'll be at AppWorld 2026

Related Content

APM-DHCP Access Policy Example and Detailed Instructions

DHCP Relay Virtual Server

DHCP Monitor

UCS Encryption Question

iRule to set SameSite for compatible clients and remove it for incompatible clients (LTM|ASM|APM)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS