Forum Discussion

hc_andy_35682's avatar
hc_andy_35682
Icon for Nimbostratus rankNimbostratus
Mar 03, 2010

Using TACACS+ on Big-IP LTM

Hi All,     I'm running BIG-IP LTM 6900 10.1.0.     I can't seem to get tacacs+ running for authentiation on the BIG-IP. I've followed the entry h...
config
design
matta-sm_192607's avatar
matta-sm_192607
Icon for Nimbostratus rankNimbostratus
Apr 07, 2015

And I'm also having the same issue, if anyone has come up with an answer. I've tried all the solutions above. The one that didn't make sense to me was setting the "member = adm". Well if that's the case, then I need to create a new TAC+ group. I have mine currently set to "member=admin" and the contents of the admin group:

 

For f5 LTM 11.x and 10.x service = ppp protocol = ip { F5-LTM-User-Info-1 = adm }

 

With the same settings setup in an Remote Role.

 

I tried switching from PAM/LDAP to local DES logins, and that still didn't work.

 

Apr 7 15:10:15 lb-foo err sshd[28512]: pam_tacplus: auth failed: Login incorrect Apr 7 15:10:15 lb-foo alert sshd[28512]: pam_unix(sshd:auth): check pass; user unknown Apr 7 15:10:15 lb-foo notice sshd[28512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1