Cay_Jeglinski_1
Mar 13, 2015

APM - How to assign user specific lease pool to network access policy?

We need to implement our VPN policy on an APM network access policy.

Our security policy states that each individual person needs to be assigned an individual user account and an individual IP address. As far as I understand the APM network, this results in individual pool configuration along with individual profiles.

Has anyone faced this requirement too? Would there be a dynamic assignment with, say, RADIUS authorization or user mapping to reduce the amount of profiles in APM?

Any suggestions welcome!

2 Replies

  • Are you able to query AD...? If so, you could store the IP address in the user object as a custom attribute. Then, as part of the login sequence, query AD to extract the IP and then use that as the client IP.

  • Thank you for your post, iaine!

    Yes, I followed the same idea. I query the AD for the user memberOf attribute. Each of the security groups used follows a separate leg of the AD query. Then an iRule assigns pools due to the access policy call. The pool name corresponds with the AD username and now this works fine.
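
The approach in the first reply (a per-user IP stored as a custom AD attribute and used as the client IP) only meets the "one person, one address" policy if the stored values are valid, inside the VPN range and unique. The Python audit below is an added example, not part of the thread and not F5 code; the attribute values, the `10.20.0.0/24` range and the function names are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: username -> value exported from the custom AD attribute.
SAMPLE_ATTRS = {
    "alice": "10.20.0.11",
    "bob": "10.20.0.12",
    "carol": "10.20.0.12",   # same address as bob
    "dave": "192.168.5.9",   # outside the VPN range
    "erin": "10.20.0.300",   # not a valid address
    "frank": "",             # attribute never populated
    "gina": "10.20.0.0",     # network address of the range
}
VPN_RANGE = "10.20.0.0/24"   # assumed range reserved for VPN clients


def audit_assignments(attrs, vpn_range):
    """Return {username: reason} for every entry that breaks the policy."""
    net = ipaddress.ip_network(vpn_range)
    findings = {}
    owners = defaultdict(list)  # address -> users that claim it
    for user, raw in sorted(attrs.items()):
        value = (raw or "").strip()
        if not value:
            findings[user] = "missing"
            continue
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            findings[user] = "invalid"
            continue
        if addr.version != net.version or addr not in net:
            findings[user] = "out_of_range"
        elif addr in (net.network_address, net.broadcast_address):
            findings[user] = "reserved"
        else:
            owners[addr].append(user)
    # An address claimed by more than one account makes sessions unattributable.
    for users in owners.values():
        if len(users) > 1:
            findings.update({user: "duplicate" for user in users})
    return findings


def usable_assignments(attrs, vpn_range):
    """Return only the user -> IP pairs that passed every check."""
    bad = audit_assignments(attrs, vpn_range)
    return {u: v.strip() for u, v in attrs.items() if u not in bad}


if __name__ == "__main__":
    for user, reason in audit_assignments(SAMPLE_ATTRS, VPN_RANGE).items():
        print(f"{user}: {reason}")
```

Running a check like this against a directory export before each policy change catches duplicate or stray addresses before they reach a live session.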