tacacs attibute value pair settings for remote role attributes
Hi, I've read Sol8811 and sol8808 and articles https://devcentral.f5.com/articles/v10-remote-authorization-via-tacacs-43.U0yHO_mulsE http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_mgmt_auth.html1030640
on ACS 4.2 - i got auth working via the following: create a 'new service' on the Interface Configuration>Tacacs+(Cisco IOS)>New Services. I created a new service called 'F5_extras' with protocol 'IP'. This enables the new setting to appear in my existing Group (which contains many different vendor equipment). In the Group setting I can assign PPP IP via 'custom attributes' window: service=PPP protocol=IP Obviously set your F5_extras in your LTM tacacs configuration.
(NOTE: ip assignment of dialup was not required for me - its mentioned a in a forum).
For REMOTE ROLES how to I configure the ACS for the attributes? eg, mentioned on the dev central forum a user applied these attributes to the ACS device: F5-LTM-Host=4500ltm1 F5-LTM-User-Role=administrator F5-LTM-User-Partition=Common F5-LTM-User-Console=tmsh
From Cisco site the Attribute values eg's are: eg's •acl=
•autocmd=
•callback-line
•callback-rotary
•cmd-arg=
•cmd=
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4-2-1/User_Guide/acs421ug/A_TACAtr.htmlwp977782