F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Introduction Lab guide Phase 1: Token Generation Phase 2: Token verification Related Content Introduction In our walkthrough we are refreshing an existing time-based one-time password (TO...

Published May 08, 2023

Version 1.0

Access_Policies.zip6 KB

application delivery

cloud

Security

series-f5-access-security

Verified Designs

momahdy

Employee

Joined May 16, 2019

View Profile

momahdy

Employee

Jan 08, 2024

dupapa Thanks a lot for your comment, regarding your questions,

1- Yes, Another logon page.

2- For this to be acheived, we can put the validation within a macro and allow for multiple repeats, I will try this out in the lab and update the article with the results.

The OTP generate and verify relies on token being generated at F5, in some environments, there's a need for secret key used for generation and validation to be external to F5, from there the need for such approach was made. So, it's almost like we are creating a custom OTP validate plugin, will try out the macro approach and let you know.

Thanks again,

Mohamed

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS