Web authentication mode can be used to support an external logon page, SAML authentication, 2-factor logon with a one-time passcode, or other interactive methods. In web authentication mode, the administrator can specify interactive Web-based multi-factor authentication in the access policy. Web (Web Logon) Web-based Authentication is supported in this version. Native mode does not require user interaction if all the credentials are previously saved. Interactive authentication, including SAML and external logon pages, are not supported in this mode. Supported Authentication Modes Native Native authentication mode is the default mode that the administrator can use to set the user logon by using username and password, optional client certificate, or both. F5 Access Container App: handles configuration management and state monitoring. F5 Access for macos has two components: App Extension: built on the Network Extension framework to provide traffic tunneling. Note: F5 Access for macos is hosted in the Apple App Store, instead of on a BIG-IP system. Set the system keychain settings to Always Trust. Self-signed BIG-IP certificates are not supported unless the CA certificate is first Trusted on the device.
Note: Users can install and use both F5 Access and Edge Client for macos on the same system. As a result, there are currently feature differences between F5 Access and Edge Client for macos. This change creates some major architectural shifts in the new F5 Access VPN application. F5 Access for macos incorporates Apple's new Network Extension Framework. The F5 Access for macos SSL VPN application complements the existing Edge Client VPN product line, addressing similar use-case and deployment scenarios. 1 BIG-IP APM and F5 Access for MacOS Version 2.0.0ģ Table of Contents Table of Contents Overview: F5 Access for macos Devices.5 F5 Access for macos general information.5 About the F5 Access for macos container app.6 Creating a VPN configuration from Container app.6 Editing a VPN configuration from Container app.8 Creating a VPN configuration from a plist file.8 Example plist mobileconfig VPN configuration file.8 Starting a connection manually.10 Configuring Access Policy Manager for F5 Access.13 What does F5 Access do for macos devices?.13 About supported authentication types.13 About establishing VPN connections.14 About pre-logon checks supported for macos devices.14 Setting up network access.14 Configuring the connectivity profile for macos.14 Prerequisites for configuring F5 Access.15 Access Policy Manager configuration for F5 Access for macos devices.15 Running the Network Access Setup wizard.15 Overview: Access Policies for F5 Access.17 About access policy branches for F5 Access.17 Configuring an access policy for F5 Access for macos.17 Example of basic access policy that supports F5 Access.18 Configuring Per-App VPN with APM and F5 Access.21 What is per-app VPN?.21 About deploying MDM apps over VPNs.21 About access policies for per-app VPN.22 Creating an access profile.22 Managing Devices for F5 Access.25 About managing devices.25 Creating a configuration profile for the managed device.25 Additional Access Policy Manager Configuration Information.37 F5 Access for macos session variablesĥ Overview: F5 Access for macos Devices F5 Access for macos general information General F5 Access Information F5 Access for macos provides Layer 3 network access for the BIG-IP APM module.