cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2032
Views
0
Helpful
3
Replies

a question about TACACS+

li-he
Level 1
Level 1

hi:

I have a AS5350 and a cisco3662 router to be dialed in by remote user.The two router is a AAA client of TACACS+. When user dial in ,the router will assign ip address for dial user.

my question is :on both router ,I config the same address pool(ip local pool VSSpool 10.10.1.1 10.10.1.100),will the router assign the same ip address for different user at the same time ?(for example:the AS5350 assign 10.10.1.1 for user1 ,at the same time ,the cisco 3662 will assign 10.10.1.1 for user2 ?)

3 Replies 3

gfullage
Cisco Employee
Cisco Employee

If the pools are local to the router, then yes, they'll both assign the same IP address, they have no way of knowing what you've configured on other routers.

Your best bet is to assign 10.10.1.1-10.10.1.50 on one router and 10.10.1.51-10.10.1.100 on the other. Thi can be dangerous if you don't equally load-share the calls across he two devices, you may run out of IP addresses on one that gets heavily loaded. Better yet is to just create a different subnet for each.

but in fact ,they did not assign the same ip address .so ,I don't know why ?

eholcombe
Level 1
Level 1

I have the same setup and what I did was install a ACS server. By doing this it allows me to use one pool for both access routers.