Forum Discussion
Cory_50405
Noctilucent
We used ACS 4.2 with v10.2.1 and 10.2.3 without issue. Getting it working can be a bit of a pain, but I'll offer a few key pointers:
-
Ensure you specify a Service Name of 'ppp' and Protocol Name 'ip' in your remote TACACS+ server configuration on the BIG-IP
-
Ensure your remote role name matches verbatim the group name within ACS (no spaces)
-
The attribute string that you set within your BIG-IP remote role needs to be defined as a custom attribute under your ACS group.
PaulStonehewer_
May 13, 2014Nimbostratus
Many thanks for your feedback. I will ensure the F5 engineers are aware.