F5OS support for TACACS+ over CLI
We ran into issues deploying rSeries and VELOS platforms on the network at our company using a custom form of TACACS+. Our implementation allows for application-specific domains with unique ports and keys. We had issues with it until we added the attribute value pairs to the TACACS+ domain profiles: Admin (unlimited_config): F5-F5OS-UID=1001 F5-F5OS-GID=9000 Operator (unlimited_enable): F5-F5OS-UID=1001 F5-F5OS-GID=9001 This change resolved the access issues via GUIand we are able to access using our TACACS+ credentials, but it does NOT work via CLI for access using the same credentials. We already have a case out to F5 about this, but I was wondering if anyone else is experiencing the same implementation challenge on accessing CLI using TACACS+.
AD/LDAP Auth on rSeries F5-OS
AD/LDAP auth on F5-OS seems unnecessarily complicated compared to how TMOS handles it. Does anyone have this working in their environment? If so, can you explain which attributes are created (F5-F5OS-UID, F5-F5OS-GID, uidNumber, gidNumber, etc.) and if they are applied directly to the AD user and/or AD group? The config guide mentions that F5-F5OS-GID is the only required attribute (F5-F5OS-UID defaults to 1001). It's not clear to me if this attribute must be added directly to the user account or if it can be created in an AD group that the user is a member of. Then there is aSolution Article that says LDAP requires the user have a uidNumber and gidNumber. The AD group must have a gidNumber that corresponds to the associated group ID of the F5 system role. They provide an example of a AD user and AD group showing uidNumber and gidNumber, but there is no reference to F5-F5OS-GID.
R-Series Appliance No GUI ( host system gui ) after 1.7.0 upgrade
After running the 1.7.0 upgrade for the r-series 5000 appliance - the login screen does not display in a browsers. Admin and Root passwords are as they were before upgrade. mgmt-ip settings are the same. Device can ping it's upstream router in the mgmt-ip network. the device mgmt-ip address does not reply to ping ( or any request [ ssh, http...]) from the console I can see the whole running config - it is the same as before the upgrade Any help is appreciated, Dave MehlbergF5OS missing interfaces in tenant
Hello, I'm totally new to F5OS, I'm configuring a rSeries 2600 (1.5.1-12283) and deploying a tenant (BIG-IP 15.1.5.1 Build 0.0.14 Point Release 1). All seemed to work perfectly fine both in the host and the tenant deployments, but looking at the interfaces section on the tenant the list is totally empty! And in VLAN properties the "interface" section is missing. I assigned VLAN's to interfaces in the Network Settings at F5OS level - would it be by design that the interfaces are no longer showed in the tenant ? I tried to find info in the doc with no results... Any info/help would be more than welcome :-) Thanks & have a good day, Gerald
F5 r10800 not connected to Cisco Nexus 9000
10G and 25G interfaces on F5 rSeries 10800 (F5os version 1.5.2 ) port fail to establish links with Cisco Nexus switches C93360YC-FX2 (nxos version 9.3.5) both side module model are: type is SFP-H25GB-SR name is F5 NETWORKS INC. part number is OPT-0053 is ther a solution to this problem??
