For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

amadou0240's avatar
amadou0240
Icon for Nimbostratus rankNimbostratus
Jan 07, 2025

Fallback local account works when remote auth server is UP

I have remote authentication configured and have created a fallback local account.

My goal for local fallback account is twofold:

  • WORK when remote auth server is DOWN 
  • NOT WORK when remote auth server is UP

The first case works fine but I notice that local account works even when remote auth server is UP, which is not pure fallback. How can I achieve that ?

 

I have followed K67025432 (Configuring remote authentication fallback on BIG-IP systems)

 

fallback is configured as follows:

auth source {
    description none
    fallback true
    type tacacs
}

 

Local account: 

auth user emergency {
    description "remote authentication fallback account"
    encrypted-password $6$ogpR9DMV$ImG9kaaaaaaaaaaaaJ4POotYfu4j6B5HjmJMLD6TYpdVRaNhJICke/
    partition Common
    partition-access {
        all-partitions {
            role admin
        }
    }
    session-limit -1
    shell bash
}

 

My goal is use case in line 3:

 

auth
bigip
No RepliesBe the first to reply