# F5 Big-Ip
#### Supported Features
The integration currently supports the following features:
* SAML
* Radius
#### Configuration du VPN Big-Ip (SAML)
Before we start, we consider that the Standard Network Configuration of Big-Ip has already been done, please be sure to have a functional VPN
**Note:** For a Web Portal authentication the VPN config must include the **Full Webtop** Mode
First of all, in the Trustelem app settings, enable the authentication method you want to use
#### Configuration de Big-Ip
* In the main tab, click on Access > Federation > SAML Service Provider > Local SP Services
* Click on Create
* Give a name to your Service Provider, in the Entity ID field put your Virtual Server's external IP
* Click on Ok
* In the main tab, click on Access > Federation > SAML Service Provider > External IdP Connectors
* Download the metadata
* Click on the arrow on the right of Create and select From Metadata
* Click on Browse, select the previously downloaded metadata file and give a name to your IdP
* Click on Ok
* In the main tab, click on Access > Federation > SAML Service Provider > Local SP Services
* Select the existing SP and click on Bind/Unbind IdP Connectors
* Click on Add New Row, in the SAML IdP Connectors drop-down, click on the previously created entry
* Click on Update, then click on Ok
* In the main tab, click on Access > Profiles/Policies > Access Profiles (Per-Session Policies)
* click on Edit, on your VPN access policy row
* A diagram appears, delete the Logon Page and Advanced Resource Assign steps with x then Delete button
* Click on the + between Start and Allow and in the Authentication tab, select SAML Auth and click on Add Item
* In the AAA Server Drop-down list, select the SAML SP you created previously and click on save
* Between SAML Auth and Allow, click on + and in the Assignment tab, add the Advanced Resource Assign item
* Click on Add Entry then Add/Delete. In Network Access and Webtop tabs, respectively select your VPN Network Access and Webtop then click on Update
* On the Big-Ip page header, click on Apply Access Policy
#### Trustelem Configuration
* In the Entity ID field, put your Virtual Server public IP address
#### Big-Ip VPN Configuration (RADIUS)
Before we start, we consider that the Standard Network Configuration of Big-Ip has already been done, please be sure to have a functional VPN
Note: For a Web Portal authentication the VPN config must include the Full Webtop Mode
First of all, in the Trustelem app settings, enable the authentication method you want to use
#### Trustelem Configuration
* Go on the Service tab and be sure that you have a correctly configured TrustelemConnect connector
* Define a secret then copy it
#### Big-Ip Configuration
* In the main tab click on Access > Authentication > Radius
* click on Create
* Give a name to your server, in Mode select Authentication and select Direct in Server Connection
* In the Server Address field, put the IP address of the server on which is running TrustelemConnect and put 1812 in the Port field
* In the Secret and Confirm Secret fields, paste the Secret you copied beforehand
* Next to Character Set select Utf-8 then click on Finished
* In the main tab, click on Access > Profiles/Policies > Access Profiles (Per-Session Policies)
* click on Edit, on your VPN access policy row
* Click on the + between Logon Page and Advanced Resource Assign then in the Authentication tab, select RADIUS Auth
* Click on Add Item then select your freshly created AAA Server. click on Save
* On the Big-Ip page header, click on Apply Access Policy