F5 BIGIP APM AAA Servers

AAA Server Templates

cstubbs
March 14, 2015
Local UserDB name

Pool name for LDAP

Pool name for LDAPS

LDAP base DN for search

Admin/service account password

Admin/service account DN

Description for AAA domain, no spaces (becomes part of each AAA object name)

AAA domain FQDN

Admin/service account username (sAMAccountName in AD)

Pool name for TACACS+

Pool name for RADIUS

RADIUS secret

TACACS+ secret

# Local user database AAA server, named from LOCAL_USERDB.
# The body is empty, so no properties are set explicitly.
apm aaa localdb AAA-LOCAL-%{LOCAL_USERDB}% { }
# LDAP AAA server: binds as ADMIN_DN with ADMIN_PASSWORD, searches under
# BASE_DN, and sends queries to the pool named by AAA_LDAP_POOL.
# No is-ldaps / serverssl-profile is set here (compare the LDAPS stanza), so
# the service-account bind and user credentials presumably travel unencrypted;
# prefer the LDAPS variant unless the path to the directory is fully trusted.
# NOTE(review): admin-encrypted-password receives whatever ADMIN_PASSWORD
# renders to - confirm whether the templating tool expects cleartext or a
# pre-encrypted value, and treat the rendered file as a secret (no VCS, no logs).
apm aaa ldap AAA-LDAP-%{AAA_DOMAIN}% {
    admin-dn %{ADMIN_DN}%
    admin-encrypted-password %{ADMIN_PASSWORD}%
    base-dn %{BASE_DN}%
    pool %{AAA_LDAP_POOL}%
}
# LDAPS AAA server: same bind DN, password and base DN as the plain LDAP
# stanza, with is-ldaps enabled, the ldaps port, and the pool named by
# AAA_LDAPS_POOL.
# NOTE(review): serverssl-profile points at the profile named "serverssl". If
# that is the stock BIG-IP profile, it typically does not require or validate
# the server certificate, which gives encryption without server authentication.
# Confirm, and prefer a dedicated profile that verifies the directory server's
# certificate against a trusted CA bundle.
# NOTE(review): the rendered file carries the service-account password; handle
# it as a secret.
apm aaa ldap AAA-LDAPS-%{AAA_DOMAIN}% {
    admin-dn %{ADMIN_DN}%
    admin-encrypted-password %{ADMIN_PASSWORD}%
    base-dn %{BASE_DN}%
    is-ldaps true
    pool %{AAA_LDAPS_POOL}%
    port ldaps
    serverssl-profile serverssl
}
# Active Directory AAA server for the domain AAA_DOMAIN_FQDN, using the
# service account ADMIN_SAMACCOUNTNAME with ADMIN_PASSWORD.
# NOTE(review): pool is a literal, lab-specific name rather than a template
# variable, unlike every other stanza in this template. A rendering for another
# environment will still reference this pool, and the variable list defines no
# AD pool variable. Parameterize it or replace it before use.
# NOTE(review): the rendered file carries the service-account password; handle
# it as a secret, and give the account only the directory rights APM needs.
apm aaa active-directory AAA-AD-%{AAA_DOMAIN}% {
    admin-encrypted-password %{ADMIN_PASSWORD}%
    admin-name %{ADMIN_SAMACCOUNTNAME}%
    domain %{AAA_DOMAIN_FQDN}%
    pool POOL-IPv4-AD-lab-routedlogic-net-1
}
# RADIUS AAA server in "auth" mode, using the pool named by AAA_RADIUS_POOL
# and the shared secret from RADIUS_SECRET.
# RADIUS hides the user password only with an MD5-based construction keyed on
# this shared secret, so the secret should be long, random and unique to this
# client. The rendered file contains it in the form supplied, so store and
# transfer that file as a secret.
apm aaa radius AAA-RADIUS-%{AAA_DOMAIN}% {
    mode auth
    pool %{AAA_RADIUS_POOL}%
    secret %{RADIUS_SECRET}%
}
# TACACS+ AAA server using the pool named by AAA_TACACSPLUS_POOL and the
# shared secret from TACACSPLUS_SECRET.
# TACACS+ packet bodies are obscured with an MD5-derived pad keyed on this
# shared secret, so use a long, random, per-device secret and keep the
# rendered file out of version control and logs.
apm aaa tacacsplus AAA-TACACSplus-%{AAA_DOMAIN}% {
    pool %{AAA_TACACSPLUS_POOL}%
    secret %{TACACSPLUS_SECRET}%
}