Hello Kai M,
in general when I have to manage this kind of use case, I make sure to manage the access directly on the FW. let me explain;
if your F5 equipment is VPN or perimeter security, I guess you put it in a DMZ. So all user access must pass through the FW.
So access management will do it in a simple way:
you can give an specific IP for each User...
Or a specific range for a specific OU for example...
you only have to manage your access on the FW.
Advantage:
-> independent access management of F5 (we can add additional resources to a user regardless of the F5 owner)
-> Visual management of the rules of access and possibility to control the tracker in case of blocking ...
And I would say a much simpler management ...
regards