Forum Discussion

refra_151287
Jan 16, 2018

Help: TACACS+ Loadbalance

Hello, we're using LTM to load-balance TACACS+ servers. We're in the implementation phase, but I saw some advice to use bridge mode (VLAN Group) instead of L3, but I didn't find anything official in this area. So I would appreciate it if you could share any special considerations we should take care of in the design, and also in functions such as persistence!

2 Replies

  • Not every application has a deployment guide or instructions on how to set it up on F5. Most of the time you need to understand how the application works and set up the F5 based on that.

    As the clients can be set up with one or more TACACS server IPs, I don't see any major benefit to having F5 in front of the client.

    Anyway, here is what I can suggest.

    TACACS uses either TCP or UDP, port 49, so you may need to set up 2 virtual servers, depending on the client setup. Persistence is not necessary in this case. For the monitor, you will have to use either the default UDP (with ICMP) or TCP, as there is no monitor for TACACS.

    Forget about VLAN group; that is not necessary here.