LTM Configuration for kerberos

Question

I have gone through the LTM implementation guide few times, but I am still not clear if LTM has to be configured for Kerberos delegation.&nbsp;
There are two Web servers(IIS 8) with Kerberos only authentication (Negotiate : Kerberos) set. SSL is terminated on IIS; LTM is used to load balance only and there is no SSL offloading on LTM(SSL pass-through).&nbsp;
Web Server Configuration: 
1. SPNs are created for each Web Server and the DNS used in the LTM
2. A domain account is used for the Application Pool Identity to decrypt the kerberos tickets on any server behind the load balancer. Domain account is configured with “Trust this user for delegation to any service (Kerberos only)"&nbsp;
Can someone please let me know if the following steps are correct for the LTM?&nbsp;
1.Create a Kerberos Delegation configuration objects for each Web Server (SPNs)
2.Create a Kerberos delegation profile objects&nbsp;
3.Create load balancing pools to load balance SSL traffic
4.Create virtual servers. Assign the Kerberos Delegation profile to the virtual server by configuring the virtual server’s Authentication Profile setting&nbsp;

mahmoud_el-say1 · Answer

I need reply on that question if anyone know? &nbsp;

Forum Discussion

LTM Configuration for kerberos

1 Reply

Recent Discussions

Issue on license renewal

Maximum throughput of f5 ltm

iRule cookie persistence and pool redirect

redirect not working

Access azure app service using f5 LTM

Related Content

LTM Diameter iRules and Profile Configurations with Support for Server Initiated Request

LTM 9.4.2+: Custom Syslog Configuration

LTM: Configuring IP Forwarding

Getting Started with BIG-IP Next: Configuring Instance High Availability

LTM VE behind Sophos Firewall deployment - configuration/setup question