Try Duo's trusted access solution now.
Free TrialEffective October 28, 2019 Duo Security will be transitioning to Cisco's Privacy Statement. View the Duo Privacy Data Sheet.
Effective October 28, 2019 Duo Security will be transitioning to Cisco's Privacy Statement. View the Duo Privacy Data Sheet.
Duo integrates with your F5 BIG-IP APM to add two-factor authentication to any VPN login, complete with inline self-service enrollment and Duo Prompt. Check out F5 FirePass SSL VPN if you don't have a BIG-IP APM.
The F5 APM 11.4 may not be clearing out the WebTop session cookies correctly. Try creating an iRule to remove the cookie on the Local Traffic branch of your defined WebTop Access Policy with the following definition (in this example the name of the Access Policy is dfw_vpn):
when HTTP_REQUEST {
if { ([HTTP::uri] == "/") && [HTTP::cookie exists MRHSession ] && [ACCESS::session exists [HTTP::cookie value MRHSession]] }{
HTTP::redirect "https://[HTTP::host]/vdesk/webtop.eui?webtop=/Common/dfw_vpn_webtop&webtop_type=webtop_full"
} elseif { [HTTP::cookie exists MRHSession] } {
HTTP::cookie remove MRHSession
}
}
Consult the BIG-IP Access Policy Manager Configuration Guide for more information about iRule creation and syntax or contact F5 support.
Need more help? Try searching our F5 BIG-IP Knowledge Base articles or Community discussions. For further assistance, contact Support.