Forum Discussion

Bhavik_384677's avatar
Icon for Nimbostratus rankNimbostratus
Feb 26, 2019

Info on Tacacs+ configuration required on F5 and Tacacs+ server



I am trying to do Tacacs+ authentication, authorization and accounting using F5 Already configured Tacacs+ server on F5 and trying to configure remote roles with custom attributes defined in TACACS+ client as well.


Is there any document which specifies exactly how to configure attributes both on TACACS server and on F5? What role does Custom Attributes plays in TACACS+ AAA in F5?


Thanks, Bhavik


2 Replies

  • Hi Jai,


    Thank you for the document. I have referred this document. I have configured the remote roles on the Tacplus server and client appropriately.


    There is an option under System->users->User list in F5, there we can see All external users are provided with some role name, partition name and tmsh access required or denied.


    When Tacacs+ authorization takes place, we could see in the accounting log always that the external user permissions are granted to any user logged in. We could not see the one we have configured as a custom attribute under Tacplus server.