Raghunaath_3029
Jul 17, 2018

TACACS(ACS) -> Remote IP not logging in ACS from F5

F5 is not forwarding the remote IP to Cisco ACS (TACACS). I have certain policies set based on Remote IP at ACS. Since the Remote IP is not logged, these policies don't match. Any workaround/solution to this?

 

4 Replies

  • @Raghunaath, are you not able to log in to the F5 device via remote ACS?

     

    1. Was it working earlier and suddenly stopped working?
    2. Did you check the route?
    3. Capture the packet via root and check if there is any other issue.

    Let us know if you have any questions. Happy to help.

     

    • Raghunaath_3029

      @f5_rock, Thanks for your reply.

       

      The policies at ACS were defined recently (based on the Remote IP -> call it an ACL), and after that everything stopped working. Note: If I remove the policy in ACS everything will be back to normal, but I don't want to do that. We have a considerable number of F5s in our lab which behave uniquely. None of the F5s is sending the actual remote IP (the IP where the actual request is coming from) to ACS. I don't see the Remote IP set in the payload from the capture (did this by enabling the debug).

       

    • Samir_Jha_52506

      I believe you need to add a management route to the device, then remote authentication will start working. Are you able to ping the remote server?