Forum Discussion

teemo_13's avatar
teemo_13
Icon for Cirrus rankCirrus
Apr 03, 2023

TACACS+ Timeout on BIG-IP v12

I know that v12 is no longer supported. We still have a device that is being used and cannot be upgraded to v13 anywore. We need to comply with the security requirement of adjusting the tacacs timeout. 

On other devices with versions higher than v13, we can see the TACACS+ timeout via 
list auth tacacs system-auth timeout
auth tacacs system-auth {
timeout 15
}

However, on v12 it is not working. Do you guys know any workaround for this?

application delivery
security
  • Paulius's avatar
    Paulius
    Icon for MVP rankMVP
    Apr 03, 2023

    teemo_13 If you cannot modify this timeout in the GUI for this auth group then the CLI will not work for it. What does the F5 say when you try to configure this via CLI?

    • teemo_13's avatar
      teemo_13
      Icon for Cirrus rankCirrus
      Apr 03, 2023

      it does not output any error, nothing happens basically

      • Paulius's avatar
        Paulius
        Icon for MVP rankMVP
        Apr 03, 2023

        teemo_13 Typically if a command is not valid when entering it through the CLI it will error stating such and if you use the "load sys config from-terminal merge" and drop the configuration in place it will error as well stating what piece of the configuration is causing the issue. If you did not receive any errors and when you run the command "list auth tacacs" and you see the timeout it should absolutely have taken that and applied it to the active configuration. How have you verified that the timeout is not working?