Configure F5 BIG IP optional settings

F5 BIG IP supports two optional settings: Client IP Reporting and Groups response.

Topics

Configure Client IP Reporting
Configure Groups Response

Before you begin

Ensure that you have the common UDP Port and Secret key values available

Configure Client IP Reporting

To configure Okta to be able to parse, report on and eventually enforce policy based off of the source client IP Address you need to configure the F5 BIG IP RADIUS for APM and VPN App in Okta as follows:

Enter the following settings in Advanced RADIUS Settings found on the Sign On tab for the Radius app in your Okta Admin Console

Client IP: Check Report client IP.
RADIUS End User IP Attributes: 66 Tunnel-Client-Endpoint

Configure Groups Response

F5 BIG-IP APM can use group information from Okta to make advanced assignment and policy decisions. To configure Okta to send Radius Group information to F5 BIG-IP APM

Enter the following settings in Advanced RADIUS Settings found on the Sign On tab for the Radius app in your Okta Admin Console, as shown below.

RADIUS Attribute: 25 Class
Group memberships to return Select Groups to Return
Response format: Repeating attributes
Group name format: ${group.name}

Next steps

Test the F5 BIG IP integration