Forum Discussion

mlwebster's avatar
mlwebster
Icon for Cirrus rankCirrus
Jul 26, 2022

TACACS+ Timeout

Hi all,

I have been successfully authentication to my F5 estate using TACACS handing off to AD for many years.   

I have now added another layer by integrated with my MFA platform but cannot figure out how to alter/set timeouts for the MFA authentication.

My configuration for TACACS is:

auth tacacs system-auth {
protocol ip
secret xxxxx
servers { x.x.x.x y.y.y.y }
service ppp
}

I have set the timeout with:

list auth tacacs system-auth timeout
auth tacacs system-auth {
timeout 15
}

When I connect, I am prompted to MFA for both CLI & GUI.   

However, if I wait for 30 seconds, 1 minute, etc. the MFA session is still waiting & authenticates me when I accept the MFA challenge.

Can anyone out there suggest what I'm missing in making the timeout time me out?