Last Modified: Sep 15, 2022
Affected Product(s):
BIG-IP All
Fixed In:
13.1.0
Opened: Apr 12, 2017 Severity: 3-Major
When using a remote role group to set a user's console by variable substitution from the RADIUS variable F5-LTM-User-Console, console access will be disabled no matter the value of the variable returned by the RADIUS server.
Users who are expected to have tmsh access will not. These users will still have GUI access.
Remote auth using RADIUS. Remote role group configured to set console by variable substitution with F5-LTM-User-Console.
Use F5-LTM-User-Shell, and set the value to "tmsh" for users who need tmsh access.
If console is set by variable substitution from F5-LTM-User-Console, and this variable is set to 1 (or Enabled), the user will have tmsh access.