Manual Chapter : Ephemeral authentication prerequisites

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0
Manual Chapter

Ephemeral authentication prerequisites

Before you can implement privileged user access using ephemeral authentication, the BIG-IP system needs to be installed with the following configured:
  • Initial BIG-IP system configuration using the Setup utility is complete
  • Access Policy Manager is licensed and provisioned
  • Active Privileged User Access license with number of endpoints
  • Connectivity license
  • VLANs configured
  • Self-IP addresses configured
  • 1 to 4 IP addresses for virtual servers
The number of virtual servers required depends on how you plan to configure the system. All deployments require a virtual server for the Ephemeral Authentication server.
  • If configuring the BIG-IP system as an LDAP or LDAPS proxy, you need 2-3 virtual servers: one for the Ephemeral Authentication server, and one or two for LDAP and/or LDAPS.
  • If connecting to resources using RADIUS, you need 2 virtual servers: one for the Ephemeral Authentication server, and one for RADIUS.
  • If using both RADIUS and LDAP or LDAPS, you need 3 virtual servers: one for the Ephemeral Authentication server, one for RADIUS, and one for LDAP or LDAPS.
  • If using RADIUS, LDAP, and LDAPS, you need 4 virtual servers: one for the Ephemeral Authentication server, one for RADIUS, one for LDAP, and another for LDAPS.