Forum Discussion

Sharank's avatar
Sharank
Icon for Nimbostratus rankNimbostratus
Jan 09, 2018

Local User and Radius User (Mixed mode of Authentication)

Dear All,

 

I have a query on the Local user DB & Radius config for BIG-IP Management

 

We have i5800 running with Version 13.0.0 (LTM,ASM),

 

Right now, we have enabled Radius authentication to manage the BIG-IP along with local default user accounts (admin and root)

 

My query: Can we create more local DB users with different privileges for managing BIG-IP along with Radius authentication enabled. Is this possible ?? (Mix mode of authentication Local and Radius enabled at the same time)

 

Need your Insight and guidance on the same

 

Thank you

 

application delivery
BIG-IP
security

1 Reply

Sort By
  • youssef1's avatar
    youssef1
    Icon for Cumulonimbus rankCumulonimbus
    Jan 09, 2018

    Hello Sharank.

     

    No it's not possible: The BIG-IP system currently supports remote authentication through Active Directory or LDAP, RADIUS, and TACACS+. Using remote authentication methods allows the BIG-IP system to participate in a centrally located and managed access schema and use the password enforcement policies of the remote authentication server. However, if the remote authentication server experiences a failure, login attempts that use remotely authenticated system user accounts will fail, limiting access to system maintenance accounts that are locally authenticated.

     

    The admin user is maintained through the Configuration utility, on the Users screen. The root user is maintained through the Configuration utility in the System menu, on the Platform screen.

     

    For additional information: https://support.f5.com/csp/article/K12173

     

    Regards