LDAPS account interception through Virtual Server - Is it possible

Question

Dear devcentral,&nbsp;I'm currently faced with an issue where an administrative user is being locked out because multiple attempts are failing.These attempts and connections, are routed through an F5 virtual server, which has Automap enabled, so the requests appear to be coming from the F5 itself.&nbsp;Is it possible, somehow, to intercept the username of this request and the client IP, in order to ascertain where the lockout attempts are coming from?&nbsp;Thanks a lot in advance

nikoolayy1 · Answer

If you can stop the SNAT Auto Map and configure your network and routing to return LDAP replies back to the F5 device ?

https://support.f5.com/csp/article/K14225515

You can also review this post:

https://devcentral.f5.com/s/question/0D51T00007BG1Pc/insert-client-ip-address-on-ldap-vs

Forum Discussion

LDAPS account interception through Virtual Server - Is it possible

1 Reply

Recent Discussions

F5 Rseries HA

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Related Content

Create a DevCentral account

LDAPS account interception through Virtual Server - Is it possible

Change admin account

DevCentral to Require Multi-Factor Authentication for Account Login from September 26

ForgeRock with F5 Distributed Cloud (XC) Account Protection and Authentication Intelligence