APM as SAML SP
Hello, I have the BIG-IP virtual environment and I am trying to set up APM as a SAML SP. I've followed this KB to set it up successfully. However, I'm having a lot of trouble with the virtual server side of things. My understanding is that the virtual server is hit from a request from an IdP, and then the virtual server kicks the access policy into gear, then authenticating the user against the BIG-IP system. My issue is, my virtual server is not accessible, so when I try to complete the SAML authentication, I see that the connection has timed out.
I have done the following:
- Configured an access policy for SAML SP
- Configured a virtual server with an IP address on a different VLAN than the one that BIG-IP resides on
- Configured an external IdP
- Configured a SAML SP service
- Configured a VLAN
I'm not fully sure if the VLAN setup is correct. I had spoken with someone at F5, and they vaguely explained that I needed to have a VLAN set up inside my system, and that would allow for me to dedicate an IP to the virtual server. I've ssh'd into the box, and I can ping the IP of the virtual server successfully.
It appears that I have all of the necessary components to complete this task, however, I have been fighting for a few days trying to figure out what the issue is. I think it's important to note that my virtual server usually is displaying a status of unknown. However, I've created a pool, and once I did that, I see that server status is now available. Currently I can see traffic to the virtual server, but still not able to access it from anywhere. The link I'm trying to hit is something of the nature
Any help would be greatly appreciated.
Sorry for the delayed response. I was able to get this working correctly. After talking with my networking guy, we discovered we had an issue in our network setup. Once we corrected our network issue, I was able to set up APM as an SP without issue.