Forum Discussion

getnyce_157084's avatar
getnyce_157084
Icon for Nimbostratus rankNimbostratus
May 24, 2014

Multiple AAA authetication groups to TACACS

Currently I authenticate to a TACACS for my read/write account. Anyone who needs to manage the LTM will be added to that group. However I need to give auditor access to a group of users. When I gr...
  • Cory_50405's avatar
    May 25, 2014

    You need to use remote role with your TACACS+ server. Essentially this involves setting up remote roles and eliminating local user accounts. There have been several threads lately about remote authentication via TACACS+ lately. Here's one:

     

    https://devcentral.f5.com/questions/how-to-configure-tacacs-on-cisco-acs-53-for-authenticate-administrative-users-on-ltm-1120

     

    Also, here is some info regarding remote role:

     

    http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-implementations-11-1-0/16.html