F5 APM - Kerberos Auth Question

Question

We are in the midst of moving our authentication for one of our sites to Kerberos.  Started configuring Kerb and got the keytab from the server guys.  the problem is that I through keytab into kerb auth profile, and now its not sending auth traffic TO the kerb server. Am I missing something?&nbsp;
&nbsp;
I know Im probably doing this wrong, but any help would be appreciated. I tried following the AskF5 doc, but got lost. Thank you.&nbsp;
RGW&nbsp;

josiah_39459 · Answer

Kerberos auth is SPNEGO.  It will not query your Kerberos server.  The client must be domain joined and the client gets a ticket from the domain server directly then sends that ticket to the big f5 which verifies it against the keytab.&nbsp;
Maybe you are looking for Kerberos SSO?&nbsp;

Forum Discussion

F5 APM - Kerberos Auth Question

1 Reply

Recent Discussions

iRule interpretation assistance

F5 Access Guard Deprecated: ZTA APM

Inquiry on F5's Maintenance Mode Feature for Pool Members

ASM Bot Defense JS and CSP

CWE-20: Improper Input Validation

Related Content

SWG, Kerberos Auth and identify users by credentials

APM Kerberos Auth or fallback to another authentication method

Bolt-on Auth with NGINX Plus and F5 Distributed Cloud

Health monitor question

F5 Connection Mirroring question