Forum Discussion
I was thinking about this as I am in the same boat as far as this potentially becoming a requirement. I think an easy way to do this would be to set up a VS for the F5 management itself and cac-enable that VS using LTM or APM, whichever flavor you choose. Then you still have Radius or username/password as a backup option but never have to use the management IP again except in an emergency when, say, OCSP is down or something.
Ok.....we just upgraded to 12.1.0 as we were told this would support using arbitrary fields from the DOD Token certs to authenticate for MC. I have a VIP setup for one environment and hitting that url it does read the cert and prmopts for PIN; it then goes to the 'local' login screen. How do I get it to authenticate the Subject Alternate Name from token to AD for our -admin accts? I have tried various SSL settings/certs....no luck. Do I have to use Client Cert LDAP config?
thanks in advance...