Forum Discussion
5 Replies
Sort By
- What_Lies_Bene1Cirrostratus
RADIUS and TACACS+ are both supported in TMOS v10 so you should be able to use ACS for remote user authentication.
- Cory_50405Noctilucent
We used ACS 4.2 with v10.2.1 and 10.2.3 without issue. Getting it working can be a bit of a pain, but I'll offer a few key pointers:
-
Ensure you specify a Service Name of 'ppp' and Protocol Name 'ip' in your remote TACACS+ server configuration on the BIG-IP
-
Ensure your remote role name matches verbatim the group name within ACS (no spaces)
-
The attribute string that you set within your BIG-IP remote role needs to be defined as a custom attribute under your ACS group.
- PaulStonehewer_NimbostratusMany thanks for your feedback. I will ensure the F5 engineers are aware.
-
- simon_84972Nimbostratus
can help to provide any example for ACS configure for attribute?
- Cory_50405NoctilucentI no longer have access to an ACS 4.2 instance so I can't get any more specific than what I specified above.