Forum Discussion
F5OS support for TACACS+ over CLI
We ran into issues deploying rSeries and VELOS platforms on the network at our company using a custom form of TACACS+. Our implementation allows for application-specific domains with unique ports and keys.
We had issues with it until we added the attribute value pairs to the TACACS+ domain profiles:
Admin (unlimited_config):
F5-F5OS-UID=1001
F5-F5OS-GID=9000
Operator (unlimited_enable):
F5-F5OS-UID=1001
F5-F5OS-GID=9001
This change resolved the access issues via GUI and we are able to access using our TACACS+ credentials, but it does NOT work via CLI for access using the same credentials. We already have a case out to F5 about this, but I was wondering if anyone else is experiencing the same implementation challenge on accessing CLI using TACACS+.
did u already leverage this?
[F5OS] Unable to use TACACS authentication- JRahmAdmin
jdclay could you confirm if this is still a problem with the additional info provided in that solution Andy-didnt-like-uucp linked?
- Leslie_HubertusRet. Employee
jdclay - FYI I'm featuring your post in today's Community Highlights article to boost visibility for you.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com