Forum Discussion

Tyler_Ripley_91's avatar
Icon for Nimbostratus rankNimbostratus
Feb 27, 2012

v11 Tacacs Authorization




I'm not able to get Tacacs authorization working with v11.1. I've followed these guides:



I've created the remoteroles through the GUI and setup the custom attribute through our Cisco ACS 4.2 server.



Made sure I'm using service PPP and protocol IP and I put the custom attributes in the PPP IP section of the Tacacs+ settings in ACS.



"F5-LTM-User-Info-1=SysAdm" and I created the SysAdm remoterole with the identical attribue.



BIG-IP 11.1.0 Build 1943.0 Final



The weird thing is the error I see in ACS. "No IP address allocation method defined for user". I can't find anything similar in the forums. Has anyone gotten Tacacs working with v11? This is a fresh install and new F5 3600.





1 Reply


    I had the same issue. If you look at the ACS server logs "No IP address allocation method defined for user." To fix this go to Group settings/Pick the group you want to grant remote tacacs to/Select the radio button for "Assigned by Dialup client"