For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Rosieodonell_16's avatar
Rosieodonell_16
Icon for Cirrus rankCirrus
Mar 08, 2019

F5 client - Only want it to connect from the webtop

Hi Everyone,

 

I wanted to setup a scenario where a user has to always sign in and authenticate to a webtop (which we have 2 factor setup), click on the vpn resource on the webtop, and launch the F5 bip-ip client for the connection.

 

I don't want the user to be able to just fire up the VPN client and get access without logging in to the web portal/webtop setup. (no bypassing the 2fa piece)

 

Is this possible to always enforce?

 

2 factor authentication
application delivery
BIG-IP
BIG-IP Access Policy Manager (APM)
big-ip edge client
security
vpn
webtop

1 Reply

  • KeesvandenBos's avatar
    KeesvandenBos
    Icon for MVP rankMVP
    Mar 09, 2019

    You could create a login page for the edge client and enable 2fa on that login page.

     

    You can use the client type agent in the VPE to make a branch for the edge client. (or combine both browser and edge client login into the same branch and login page.

     

    Cheers,

     

    Kees