F5OS support for TACACS+ over CLI

Question

We ran into issues deploying rSeries and VELOS platforms on the network at our company using a custom form of TACACS+. Our implementation allows for application-specific domains with unique ports and keys.

We had issues with it until we added the attribute value pairs to the TACACS+ domain profiles:

Admin (unlimited_config):

F5-F5OS-UID=1001

F5-F5OS-GID=9000

Operator (unlimited_enable):

F5-F5OS-UID=1001

F5-F5OS-GID=9001

This change resolved the access issues via GUI and we are able to access using our TACACS+ credentials, but it does NOT work via CLI for access using the same credentials. We already have a case out to F5 about this, but I was wondering if anyone else is experiencing the same implementation challenge on accessing CLI using TACACS+.

leslie_hubertus · Answer

jdclay&nbsp;- FYI I'm featuring your post in today's Community Highlights article to boost visibility for you.&nbsp;

andy-didnt-like-uucp · Answer

did u already leverage this?[F5OS] Unable to use TACACS authentication

jrahm · Answer

Hi&nbsp;jdclay&nbsp;thanks for the share. I don't have help for you on this but am interested in the outcome...

jrahm · Answer

jdclay&nbsp;could you confirm if this is still a problem with the additional info provided in that solution&nbsp;Andy-didnt-like-uucp&nbsp;linked?

Forum Discussion

F5OS support for TACACS+ over CLI

4 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Cloud Docs - F5OS Technical Reference Materials

Exploring F5OS automation features on VELOS

F5OS Tenants TMOS version upgrade

F5OS API - not able to create vlan

F5OS r2800 out-of-box DNS