We have a requirement to implement reverse proxy with multifactor authentication. The current network setup has a cloud WAF which forwards traffic to on-premise application LB VIP. F5 support guided me to use APM+LTM in DMZ which will act as revers proxy with mfa.
But from the APM data sheets, it looks more of a SSL VPN. So I am concerned if this solution will work with SSL inspection on the Cloud WAF.
External user (HTTPS) >> Cloud WAF (SSL inspection, NAT) >> F5 APM + LTM (Reverse proxy + MFA + SSL offloading) >> Internal LB >> HTTP APP Servers
Can anyone please guide me on this requirement.
MFA/ 2FA is a very important feature to have. Never compromise on security dude.
We switched multiple reverse proxy solutions at a startup I was working with. We ended up switching to a new provider which also turned out to be a cheap reverse proxy provider and was sophisticated enough for our varying use cases. the company is miniOrange and they sure are an underdog amongst the huge competitors like Nginx or HAproxy. They're services are cheaper and the 24/7 customer support is blazingly fast globally.
Here's link to check them out: https://www.miniorange.com/reverse-proxy/
They were really helpful and patient in resolving our senior developer's queries.