Forum Discussion
NimbostratusIn Radius auth, how to allow second attempt of token input when the first input is incorrect?
We currently have a Radius authentication in our access policy on F5 APM. Sometimes the user may mis-input the token received from SMS and we would like the Radius authentication page to ask the user to input again instead of redirecting back to logon page on first mis-input, in other words to have a second attempt for token input with the same token from SMS. Can we achieve this function in F5 APM?
Thanks a lot.
7 Replies
- Injeyan_Kostas
Cirrostratus
You could put the RADIUS authentication process within a dedicated macro and define the desired loop count within this macro.
Then, connect the failure branch of the RADIUS authentication to a loop ending.
felixkThanks for your reply. Our RADIUS authentication is currently inside a macro and we have tried to set loop count and connect failure branch to loop ending but it seems when RADIUS authentication fails, it will automatically fallback to the previous logon page instead of going through the failure branch.
- Injeyan_Kostas
How many Max logon attempts have you configured?
Try to set it to 1 in order to follow fallback branch after each failure and then handle retries with loop.
- felixk
We have tried 1 and 5 times, but the problem is the RADIUS authentication does not enter the fallback/failure branch when authentication is unsuccessful, instead it returns back to the previous logon page. Any idea how to resolve this issue? Thanks!
- Injeyan_Kostas
that's interesting
I tried to reproduce it on a lab env and I had radius failure always following fallback branch
Do you might have a login page in the same macro?
