For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

w-reseau_282897's avatar
w-reseau_282897
Icon for Nimbostratus rankNimbostratus
Aug 10, 2016
Solved

Two factor authentication with two different APM in the same SSL session of the first F5

Hi,   I want to dissociate authentication into two F5, one in front of internet and the other in a DMZ.   Actually, I've one F5 in DMZ internet and it make compliance, certificate check and AD ...
application delivery
BIG-IP Access Policy Manager (APM)
  • Lucas_Thompson_'s avatar
    Lucas_Thompson_
    Aug 11, 2016

    Could you describe your issue more clearly? What problem are you trying to solve?

     

    APM tracks user sessions by "MRHSession" session cookie.

     

    APM is also aware that VPN (Network Access) traffic through it is always part of a already-existing user session. So it is impossible to create a VPN tunnel, then log in again to the same APM box with different user credentials.

     

Lucas_Thompson_'s avatar
Lucas_Thompson_
Historic F5 Account
Aug 11, 2016

Could you describe your issue more clearly? What problem are you trying to solve?

 

APM tracks user sessions by "MRHSession" session cookie.

 

APM is also aware that VPN (Network Access) traffic through it is always part of a already-existing user session. So it is impossible to create a VPN tunnel, then log in again to the same APM box with different user credentials.

 

boneyard's avatar
boneyard
Icon for MVP rankMVP
Aug 13, 2016

so are you ok with the second APM showing another login page, or do you expect it to know somehow?