< Back
You are here:

HOW TO CONFIGURE OCTOPUS AUTHENTICATOR FOR F5 FIREPASS SSL VPN

This page shows you how to add multifactor authentication to your f5 Firepass SSL VPN using the Octopus Authenticator to gain more control and security over how users log into your network.

  • Login to Octopus Authenticator Console
  • Select Services from the left pane
  • Select Add Service
  • Click RADIUS service template

 


Tab 1 – General Information

The following field and values are displayed

Field name Field Value
Service name F5 FirePass SSL VPN
Issuer F5 Networks
Description
Service status Enable
Display icon

 


Tab 2 – Parameters

The following fields and values are displayed

Field name Field value
RADIUS key name NAS-IP-Address
RADIUS key value <F5 FirePass Server IP address>
Login Login authentication method for F5 SSL VPN
+ Add additional parameter Do not add any parameters

 


Tab 3 – Sign On

The following fields and values are displayed

Field name Field value
Multi Factor Authentication (MFA) Off (default)
Sign on Method RADIUS
Secret <F5 FirePass SSL VPN Secret Code>
Custom message

 


Step 4 – Users

To configure the users of the service

  • Select users either from “Local Users” or “LDAP Users” lists
  • You can select either:
    • A group of users to import, by clicking on the dot next to one of the folders
    • An individual user to import, by clicking on the dot next to that user
  • The corresponding dot will then be colored blue. When you select only some of the users in the group, the dot adjacent to the group will be colored partially.After you press SAVE SETTINGS, the selected users will be enrolled in the service.
  • Click SAVE SETTINGS
  •  


    F5 FirePass Server side configuration

  • Login to your F5 FirePass SSL VPN server console

  • From “Main” tab Select Access Policy -> AAA Servers -> Add (+) RADIUS

  • At the New server page, set the following parameters:
    • Name: Your Octopus Authenticator Server name
    • IP address: Your Octopus Authenticator Server IP address or name
    • Port: In Octopus Authenticator Management console -> System settings -> Services settings -> copy RADIUS port value
    • Shared Secret: In Octopus Authenticator Management console -> System settings -> Services settings -> Show and copy RADIUS secret value
    • Timeout (in seconds): 60

  • Click Finished 

     

     


    F5 Access Client Side Configuration

    Prerequisite

  • Download and install F5 Access client

  • Under Windows Settings Select Network & Internet settings

  • Select VPN
  • Add VPN connection

  • Enter VPN connection configuration:
    • VPN provider
    • VPN connection name
    • VPN Server name or IP

  • Click Save