APM two-factor authentication issues.

Question

Hello All&nbsp;
I have a APM used two-factor authentication ,The first is AD auth and the second is DUO auth.Have been able to used two-factor authentication.&nbsp;
My question is below:&nbsp;
When the user used the VPN  and then exit the F5 edge client.&nbsp;
"After one hour".The user to login the F5 edge client again.&nbsp;
I need the user to automatically skip AD authentication, only perform DUO authentication.&nbsp;
If more than one hour, The users need to perform all the two-factor authentication.&nbsp;
So. How to configurtion my APM ,To login again in one hour, only perform DUO authentication.?  
&nbsp;
Thanks again everyone.&nbsp;

lee_sutcliffe · Answer

This would be quite tricky as you would need to record when a user has authenticated to determine if they have previously logged in within the last hour. APM does not native way of checking if a user has previously authenticated 
When a user logs off, the session is terminated and APM no longer holds session variables, so the only things I can think of are: Have something on the client that can be read using a client side check. Or, use an irule to write the username and a timestamp to the session table. 
Based on the presence of this information you can make a decision on what AAA method to use. &nbsp;

Forum Discussion

APM two-factor authentication issues.

1 Reply

Recent Discussions

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

Related Content

Two-Factor Authentication With Google Authenticator And APM

Two-Factor Authentication – Captive Portal

Two-Factor Authentication With Google Authenticator And LDAP

Two-Factor Authentication – Remote Desktop Gateway

APM Cookbook: Two-Factor Authentication using YubiKey OTP with iRulesLX.