ADFS Proxy Replacement on F5 BIG-IP
BIG-IP Access Policy Manager can now replace the need for Web Application Proxy servers providing security for your modern AD FS deployment with MS-ADFSPIP support released in BIG-IP v13.1. This arti...
Published Mar 13, 2018
Version 1.0
Marvin
Cirrocumulus
CirrocumulusOK great, we also verified the client cert authentication and it is also working and looking good. I believe the real-time revocation check is not possible with LTM and we have to import the CRL list manually? For that I strongly recommend a RFE to include this feature in LTM. I know that with APM it is possible but we are not using the access policy for this setup and I wont recommend it either.
Is there a solution available to do (realtime) CRL check in the client SSL profile client authentication section or do I have to request a RFE? Perhaps OSCP is a good alternative for this in LTM?
Ps: Thanks for sharing all your information it is very useful and helped me a lot!