Can you restrict URL access to certain AD users?

Question

I have an admin menu that can be run by anyone who knows the URL. Is there a way to restrict access to only the administrators of the application?

sanjayp · Answer

This isn't possible with standalone LTM module. You would need to have APM module, where you can enable login page and MFA/AD auth for the admin URL, run AD query to check if user is part of particular AD group and then action of allow or deny.

Other possible solution with LTM could be -

1) Use basic auth iRule on LTM with locally created username/password in the data group.

Reference- https://devcentral.f5.com/s/feed/0D51T00006pZh6iSAC

2) to reject the access from the internet for ANY and allow access only from the internal network range and for more security allow access ONLY from the jump server used by application admins.

Forum Discussion

Can you restrict URL access to certain AD users?

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

Restricting access to a virtual server by Public IP address should access through only domain name.

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

Restricting direct access from public IP