Forum Discussion

vinodhkumarc_28's avatar
vinodhkumarc_28
Icon for Nimbostratus rankNimbostratus
Jul 13, 2018

F5 Reverse Proxy with MFA

Hi,

 

We have a requirement to implement reverse proxy with multifactor authentication. The current network setup has a cloud WAF which forwards traffic to on-premise application LB VIP. F5 support guided me to use APM+LTM in DMZ which will act as revers proxy with mfa.

 

But from the APM data sheets, it looks more of a SSL VPN. So I am concerned if this solution will work with SSL inspection on the Cloud WAF.

 

Traffic flow,

 

External user (HTTPS) >> Cloud WAF (SSL inspection, NAT) >> F5 APM + LTM (Reverse proxy + MFA + SSL offloading) >> Internal LB >> HTTP APP Servers

 

Can anyone please guide me on this requirement.

 

application delivery
BIG-IP Access Policy Manager (APM)
LTM
reverse proxy
security
ssl inspection
  • ThatDeveloper's avatar
    ThatDeveloper
    Icon for Nimbostratus rankNimbostratus
    Mar 09, 2022

    Hi vinodhkumarc_28,

    MFA/ 2FA is a very important feature to have. Never compromise on security dude.

    We switched multiple reverse proxy solutions at a startup I was working with. We ended up switching to a new provider which also turned out to be a cheap reverse proxy provider and was sophisticated enough for our varying use cases. the company is miniOrange and they sure are an underdog amongst the huge competitors like Nginx or HAproxy. They're services are cheaper and the 24/7 customer support is blazingly fast globally.

    Here's link to check them out:  https://www.miniorange.com/reverse-proxy/

    They were really helpful and patient in resolving our senior developer's queries.

  • Anesh's avatar
    Anesh
    Icon for Cirrostratus rankCirrostratus
    Jul 13, 2018

    Refer the F5 APM guide here, it can be used as an SSL VPN and also as a authentication proxy, So to answer your question it does support MFA. You can also refer to this article, as an example for MFA