Manual Chapter :
Access Policy Manager configuration tips
Applies To:
Show VersionsBIG-IP APM
- 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Access Policy Manager configuration tips
The following table provides tips for setting up F5 Access for devices.
Feature | Information |
---|---|
Client endpoint checks | Client end-point checks are not currently supported. |
Require Device Authentication | For devices with iOS 9 or later, F5 Access can require device authentication with
one of the device locking methods, including biometric authentication (Touch ID), a
PIN, or a passphrase. To enable device authentication for F5 Access, in the
Connectivity Profile under iOS Edge
Client , enable the options Allow Password Caching
and Require Device Authentication . |
Password caching policy |
|
Enforce Logon Mode | You can enforce the logon mode for the iOS client. In the Connectivity Profile, select iOS Edge Client , and click Enforce Logon Mode . Select Native or Web and click OK . The logon mode will be enforced for all clients that use the connectivity profile. |
Client certificates | Client certificate authentication is supported, either with a
certificate alone or with a certificate secured with a user name and password.
|
On-Demand Cert Auth | If used, the On-Demand Cert Auth action must be placed after
other authentication actions in the access policy. |