Leo_Rodrigues_1
Feb 05, 2015Altocumulus
Big IP LTM - first authenticate against Radius, then with a local account of last resort
Hello.
We have a pair of LTM boxes successfully authenticating with a pair of radius servers. I noticed that the local accounts are still available to log in.
Is there a way to force the LTM appliance to this behavior for local administrative access?
- First authenticate with the Radius servers
- Only if no Radius servers are available, permit login with any local accounts available as last-resort.
When searching the F5 docs, the Firepass appliance supports the "authentication failover", but I found nothing of the sorts for the LTM.
sol10920: Overview of RADIUS authentication failover (FirePass):
(https://support.f5.com/kb/en-us/solutions/public/10000/900/sol10920)
Thanks!