Forum Discussion

henry_kay_36032's avatar
henry_kay_36032
Icon for Nimbostratus rankNimbostratus
Aug 23, 2013
Solved

F5 APM integration with Vasco 2FA authentication with SSO

hi all, i am currently trying to configuration F5 APM to integration with Vasco for 2FA authentication and SSO for various VDI. I have search through both ask F5 and dev central but i can't seem to find any documentation on the integration. does anyone have any experience or any documentation that i can use for this implementation?

 

really greatly appreciate your help on this.

 

  • I did implemented this design.. 1) Logon to the VASCO Web administrator portal. Click Client --> Register--> Select RADIUS Client --> Enter the BIG-IP APM IP Address--> Select the Policy created-> Save.

     

    2) BIG-IP Log on web portal --> Click Access Policy-->RADIUS--> Create --> Name it (Enter Text) --> Mode Selection Auth or Accounting or Auth and Accounting --> Select Pool if you are using multiple VASCO Server otherwise direct if only one.

     

    before doing this please make sure the server pingable from the BIG-IP machine and also the required ports were open.

     

    Thank you. Skumar

     

2 Replies

  • Vasco is just a token server right? it probably communicates via RADIUS so you should setup it pretty much identical to any radius token solution.

     

    on your logon screen you can either choose the have the user fill in the token code as password or add a third text box for the token and do both AD / LDAP and token validation. in that case you have to replace your password variable with the token variable before performing the token auth.

     

    SSO is also just working if you use the correct fields in your SSO statements.

     

  • I did implemented this design.. 1) Logon to the VASCO Web administrator portal. Click Client --> Register--> Select RADIUS Client --> Enter the BIG-IP APM IP Address--> Select the Policy created-> Save.

     

    2) BIG-IP Log on web portal --> Click Access Policy-->RADIUS--> Create --> Name it (Enter Text) --> Mode Selection Auth or Accounting or Auth and Accounting --> Select Pool if you are using multiple VASCO Server otherwise direct if only one.

     

    before doing this please make sure the server pingable from the BIG-IP machine and also the required ports were open.

     

    Thank you. Skumar