Manual Chapter : Creating a virtual server for Ephemeral Authentication

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 16.0.0
Manual Chapter

Creating a virtual server for Ephemeral Authentication

Before you begin, you need to have created the Ephemeral Access Configuration that you want to associate with a virtual server for privileged user access as well as an access policy, and a connectivity profile.
This task describes how to create the virtual server that acts as the Ephemeral Authentication server and which includes the access profile/policy containing the AAA agent to authenticate the end user and the webtop resources for ephemeral authentication.
  1. On the Main tab, click
    Local Traffic
    Virtual Servers
    .
    The Virtual Server List screen opens.
  2. Click
    Create
    .
    The New Virtual Server screen opens.
  3. In the
    Name
    field, type a unique name for the virtual server, such as
    pua_webtop
    .
  4. For the
    Destination Address/Mask
    setting, confirm that the
    Host
    button is selected, and type the IP address in CIDR format (address/prefix).
    The various virtual servers being used for ephemeral authentication (LDAP, LDAPS, and/or RADIUS) can all have the same Destination Address as long as they use different service ports.
  5. In the
    Service Port
    field, select
    HTTPS
    , port
    443
    .
  6. For
    Protocol Profile (Client)
    , select
    tcp
    .
  7. For
    HTTP Profile (Client)
    , select
    http
    .
  8. For
    SSL Profile (Client)
    , select a client profile, such as
    clientssl
    .
  9. For
    Source Address Translation
    , select
    Auto Map
    .
  10. For
    Rewrite Profile
    , select
    rewrite-portal
    .
  11. In the Access Policy section, select the
    Access Profile
    , and then the
    Connectivity Profile
    you created.
  12. In the Ephemeral Authentication section, for
    Access Configuration
    , select the Access Configuration you created.
  13. Click
    Finished
    .
The virtual server is set up for ephemeral authentication.