10-May-2022 02:22 - edited 10-May-2022 02:25
Hello,
Zscaler ZIA can user Kerberos Authentication even for Remote users (Road Warriors as they call them) but then a KDC proxy is needed like Microsoft DirectAccess to translate the HTTPS Kerberos traffic to normal TCP (like a proxy but for Kerberos) and I was wondering if F5 APM can do the same and to provide the ticket to client that then the client sends to Zscaler. All the F5 APM features seem to be related to not send the ticket directly to the client but to act as a man in the middle.
https://help.zscaler.com/zia/about-kerberos-authentication
https://help.zscaler.com/zia/about-kerberos-authentication#kerberos-features
11-May-2022 08:58
let me ask around...