APM SSL VPN with 2 Radius Token

Question

Hello F5 community,&nbsp;
One question, it is possible to have an APM SSL VPN policy, authenticated through active directory and two Radius Tokens servers so that I can use the token code of a radius server to successfully communicate, for example Client ---- -&gt; Active Directory --- AND ---- (Radius1 ---- OR ---- Radius2) --- = Successful VPN&nbsp;

yoann_le_corvi1 · Answer

Hi&nbsp;
It should be possible. What criteria would decide whether Radius 1 or Radius 2 would be used ?&nbsp;
For example you could imagine :&nbsp;
1 - AD Auth&nbsp;
2 - AD Query to get the group membership&nbsp;
3 - If Group 1 -&gt; Radius 1 --&gt; Success&nbsp;
4 - If Group 2 -&gt; Radius 2 --&gt; Success&nbsp;
Of course the criteria can be pretty much anything in your case. And you could cascade the Radius. If Radius 1 fail, try Radius 2...&nbsp;
Yoann&nbsp;

Forum Discussion

APM SSL VPN with 2 Radius Token

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

iControl REST Authentication Token Management

iRule based RADIUS Client Stack

iRule based RADIUS Health Monitor Builder

set TOKEN [getfield [HTTP::uri]

iRule based RADIUS Server Stack