Manual Chapter :
Assigning push and OTP variables for MFA in a subroutine
Applies To:
Show VersionsBIG-IP APM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9
Assigning push and OTP variables for MFA in a subroutine
You should have created the subroutine for MFA
with a variable assign agent and logon page item as previously described. This task
begins in the subroutine.
Assign the variables for the push and one
time passcode to provide successful MFA in the per-request policy.
- On the Push branch following the logon page items, click plus.
- Click theAssignmenttab, selectVariable Assign, and clickAdd Item.
- ClickAdd new entry.
- On the left, selectCustom Variableand typesubsession.logon.last.password.
- On the right, selectTextand typepush.
- ClickFinished.
- On the OTP branch, following the logon page items, click plus.
- Click theAssignmenttab, selectVariable Assign, and clickAdd Item.
- ClickAdd new entry.
- On the left, selectCustom Variableand typesubsession.logon.last.password.
- On the right, selectSession Variableand typesubsession.logon.last.mfaToken.
- ClickFinished.
- ClickSave.
- On both branches, add a RADIUS Auth item, and specify the RADIUS server.
- Add terminals for the branches.This example shows a completed subroutine for MFA with a one time passcode and push options.
The subroutine for MFA is created.
Add the subroutine to the per-request
policy.