Add custom Radius attribute "NAS Identifier" in APM
Hi F5 community,
I would like to ask you a question regarding APM and Radius authentication. We have a backend Radius server which can authenticate users in Active Directory ONLY or in Active Directory and One-time-password. So all authentication requests are sent to the Radius Server. We use the NAS Identifier to select "Client Policies" on the Radius server to choose if the user needs AD authentication only or AD+OTP. This can be used together with AD Security groups. So the initial idea was to use these AD Security groups to create a group per Application published on F5. These groups are associated to Client Policies on the Radius server.
So my question is: Is it possible to change the NAS Identifier in VPE or is it possible to add Radius "NAS Identifier" attribute in APM? I found maybe a workaround with
RADIUS::avp replace NAS-Identifier $nasid "string"
but I do not fully understand how to implement this on F5? Is this on LTM base or APM and how to receive information about URL visited by the user?
The best solution is to add a Radius attribute "NAS Identifier" in APM?
Kind regards,
Gilles