Manual Chapter :
Ephemeral authentication prerequisites
Applies To:
Show VersionsBIG-IP APM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0
Ephemeral authentication prerequisites
Before you can implement privileged user access using ephemeral
authentication, the BIG-IP system needs to be installed with the following configured:
- Initial BIG-IP system configuration using the Setup utility is complete
- Access Policy Manager is licensed and provisioned
- Active Privileged User Access license with number of endpoints
- Connectivity license
- VLANs configured
- Self-IP addresses configured
- 1 to 4 IP addresses for virtual servers
The number of virtual servers required depends on how you plan to configure
the system. All deployments require a virtual server for the Ephemeral Authentication server.
- If configuring the BIG-IP system as an LDAP or LDAPS proxy, you need 2-3 virtual servers: one for the Ephemeral Authentication server, and one or two for LDAP and/or LDAPS.
- If connecting to resources using RADIUS, you need 2 virtual servers: one for the Ephemeral Authentication server, and one for RADIUS.
- If using both RADIUS and LDAP or LDAPS, you need 3 virtual servers: one for the Ephemeral Authentication server, one for RADIUS, and one for LDAP or LDAPS.
- If using RADIUS, LDAP, and LDAPS, you need 4 virtual servers: one for the Ephemeral Authentication server, one for RADIUS, one for LDAP, and another for LDAPS.