Forum Discussion
fkuser_104673
Nimbostratus
NimbostratusWEB UIO Remote Autentication
What happens if remote autentication is defined to access to the Web UI and it fails?
I mean, as example, the remote RADIUS server is nos responding. The local user database is used? or it just fails?
This doesn't found anything related about this situation. Anybody knows the behaviour?
Thanks!
hoolioCirrostratus
If the remote server isn't available, then the authentication fails. Only locally authenticated accounts (root/admin) would be granted access.
Aaron
fkuser_104673And if exists more accounts locally defined in the BIG-IP LTM, is possible to use that users?- hoolioAs far as I'm aware, admin and root are the only accounts that can be authenticated locally if remote admin auth is configured. The other users won't have a password defined and so couldn't be authenticated locally. I haven't tested this lately, but that's my understanding. If you do end up testing this, could you confirm or correct this?
Thanks,
Aaron - fkuser_104673Ok!
Thanks for your fast answer. I'm going to try this, I have 8 users locally defined and in fact with passwords stored. I will define the remote server and then I will test the acces with that users.
I'll tell you the results.
Thanks for your fast answer! - JRahm
Admin
That is my understanding as well, Hoolio. The root/admin accounts work at all times on BIG-IP, whereas in most environments I've utilized AAA, the local accounts are only available if the remote access server is inaccessible. - hoolioYep, I just did a quick test on 10.0.1 and found that the user in the bigip.conf seems to be maintained (including the password) when you switch from local to remote admin auth. But with a non-existent auth server no one but root/admin can log in. Upon switching back to local auth, the pre-existing user accounts worked again.
Aaron
