F5 BIG-IP 10.1.0 TACACS authentication ACS 5.3 taking too long to login when first TACACS server is down

Question

Hi All,&nbsp;
I am running the BIG IP 10.1.0 LTM virtual edition and I have successfully configured it to authenticate against a couple of TACACS servers deployed in our Cisco ACSes 5.3.&nbsp;
When the primary TACACS server is up, all works perfect, GUI and console (tmsh) access. However, while doing some testing, I shutted down the primary TACACS server, and tried to authenticate the BIG-IP against the secondary TACACS server. This also works fine but takes between 3 to 4 minutes to grant access, which is of course excesive.&nbsp;
I ruled out as the cause of this issue the secondary TACACS server by configuring it as primary in the BIG IP and everything worked pretty well. &nbsp;
Has anyone experienced this? If so, how did you fix it?&nbsp;
Thanks,&nbsp;
Alex.&nbsp;

a__n_5261 · Answer

Hi Alex, 
&nbsp;  
&nbsp; May you can need your Help.  i  configured ACS 4.2 for LTM.  but it not working with ACS 5.3 . how do we configure this. can you help in this. 
&nbsp;  
&nbsp;  
&nbsp; In ACS 4.2  we give in  PPP-IP tab  and custome attribute. we define these . how we do in  ACS 5.3

Forum Discussion

F5 BIG-IP 10.1.0 TACACS authentication ACS 5.3 taking too long to login when first TACACS server is down

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

F5 BIG-IP and NGINX - Securing Your AWS VPC Lattice Applications for External Clients

Re: Welcome to the F5 BIG-IP Migration Assistant

Re: Configuring Smart Card Authentication to the BIG-IP Traffic Management User Interface (TMUI) usi

Re: Mitigating OWASP API Security Top 10 - 2019 risks using BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS