Configure F5 BIG IP optional settings

F5 BIG-IP supports two optional settings:

Before you begin

  • Ensure that you have the common UDP port and secret key values available.

Configure Client IP Reporting

To configure Okta to be able to parse, report on, and eventually enforce policy based off of the source client IP follow these steps:

  1. In the Admin Console, go to ApplicationsApplications.

  2. Find and select your RADIUS Application.

  3. Click Sign-On Options.

  4. In the Advanced RADIUS Settings section, click Edit and then choose these settings:

  • Client IP: Select Report client IP.
  • RADIUS End User IP Attributes: Enger 66 Tunnel-Client-Endpoint.

Configure groups response

F5 BIG-IP APM can use group information from Okta to make advanced assignment and policy decisions. To configure this feature perform the following steps:

  1. In the Admin Console, go to ApplicationsApplications.

  2. Find and select your RADIUS Application.

  3. Click Sign-On Options.

  4. In the Groups Response section, click Edit, and then choose these settings:

  • RADIUS Attribute: Enter 25 Class.
  • Group memberships to return: Select Groups to Return.
  • Response format: Select Repeating attributes.

  • Group name format: Select ${group.name}.