For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

eneR_159774's avatar
eneR_159774
Icon for Nimbostratus rankNimbostratus
Jun 01, 2018

BIG-IP User Authentication against multiple directory services

Hello guys,   short question for you but i can't find any information about it in the documentation..   Is it possible to configure multiple authentication directory's like "tacacs" AND "active...
application delivery
BIG-IP
LTM
security
youssef1's avatar
youssef1
Icon for Cumulonimbus rankCumulonimbus
Jun 01, 2018

Hi,

 

In F5 you can only use one authentication method at a time. And we are talking about access to F5 (GUI and CLI). You can use (GUI: System ›› Users : Authentication):

 

  • local
  • Tacacs
  • Radius
  • client cert LDAP
  • LDAP
  • AD
  • And Finaly you can use APM (APM based)

https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-12-1-0/48.html

 

And in this case you can mix what ever you want as long as it's supported by F5 APM.

 

Last important point. Even if you have an external auth implemented, ROOT and ADMIN account remain in F5 as local. suppose your directory is no longer reachable by F5 you can always authenticate using these local accounts.

 

Regards