Security

Hi.

Currently I'm using the F5 to balance radius request between 5 subscribers, this is working fine.

I would like to do the same with TACACS+.

Are there any guide to configure it?

Hi

Are you looking for this?

https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Load-balancing-TACACS-authentication-when-CPPM-used-as-TACACS/ta-p/280793

Hello, yes, I want to do this (Load balancing TACACS authentication).

But this link doesn't has the steps to configure in Clearpass.

I would like to know if there are a document like we have for RADIUS.

Hello, anyone configured load balance using F5 for Tacacs request?

Hi,

As per the solution given by the above link, we have to do changes in F5 not in ClearPass. From ClearPass end we just need to have Authentication and Authorization request on the same server,

Solution

As F5 was load balancing the requests, we can ensure the TACACS auth and TACACS authorization request hits the same node by enabling session persistence on F5 load balancer.

Hi Vikran, I'm not with the same issue, the F5 is already configured with session persistence. 

I would like a configuration guide on how to configure Clearpass to load balance TACACS+ requests from Network Devices using F5 VIP

NAD -> F5 -> CPPM

I already create a TACACS Enforcement service, but is not working. I guess I'm missing something in the service config at Clearpass. 

For Radius load balance using F5 it's working.

Hi,

Have you gone trhough the below link,

https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/BIG-IP-F5-TACACS-authentication-and-Authorization-using/ta-p/274918

This guide is to configure F5 to access using TACACS.

I would like a configuration guide on how to configure Clearpass to load balance TACACS+ requests from Network Devices using F5 VIP

Hi , 

I believe there is no as such guide, you can use Virtual IP on ClearPass cluster to load balance the TACACS requests coming to ClearPass.