01-22-2009 02:19 PM
(1) What source IP address does a CSS (ver 7.5) use for (a) logging, (b) TACACS? Is it always the management port IP address? Can it be specified?
(2) What Eth port does a CSS (ver 7.5) use for (a) logging, (b) TACACS? Is it the management or a standard FE port. For TACACS it appears to be always the latter while the TACACS request still uses the IP address of the former? Is this correct? Can it be specified?
01-23-2009 02:29 AM
the source interface can't be specified.
The CSS will use the source interface based on the routing table.
It will take the ip of the exit interface to reach the TACACS server.
G.
01-28-2009 10:34 PM
In my experience this seems to be partially correct.
Syslog, snmp-trap and icmp seem to use the management source interface based on the routing table. More specific routes added via "ip management route" command.
The tacacs however seems to ignore these routes specified via "ip management route".
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide