pw234v_229152
Oct 15, 2015

Tacacs with APM and Remote Role Groups Tacacs attributes not working

Hi,

 

We have a Tacacs setup based on port 49165. This is not possible via the standard Tacacs setup at System Users Authentication.

 

So we have used the APM Access Policy section to set up the Tacacs config based on port 49165. In Access Policy ›› AAA Servers the Tacacs servers are defined. In Access Policy ›› Access Profiles : Access Profiles List the authentication policy is defined.

 

The authentication part via the Tacacs servers is working. In the System ›› Users : Authentication the Remote APM based is selected.

 

Users are authenticated on the Tacacs servers but the defined attributes are not used. The assigned role is based on the External User configuration: when set to Guest all users are Guest, and when set to Admin all users are Admin. It looks like the "auth remote-role" with the "attribute F5-LTM-User-Info-1=f5adm" is not used with Tacacs via APM.

 

The Tacacs server and F5 have been checked and compared to other domains where it is working correctly. Only difference with the other domains is these are configured with the standard Tacacs based on port 49.

 

Does anyone know if it is possible to use the APM for Tacacs authentication with the Remote Role Groups?

 

Regards, Patrick

 

2 Replies

  • Hey Patrick,

     

    You are hitting ID 470547 which is an enhancement request for remote role groups to work with APM auth sources. You can either create local accounts with users permissions (stub accounts since auth will happen at TACACS) or you will have everybody that authenticates have the same permissions.

     

    You can open a case with support to link to the RFE and get more attention to the feature.

     

    Seth

     

  • Hi Seth,

     

    Thanks for the reply with the information. I also have a support case open, so I have added the information for ID 470547 to the case.

     

    Regards, Patrick