01-29-2007 07:55 AM - edited 03-10-2019 02:57 PM
Hello,
Currently, we have FWSM/7606 sitting between a CS-ACS appliance v4.0.1 and the network comprising several routers. Since we use NAT, all network devices appear as a single IP address in CS-ACS.
Is there a way to convey the real router IP address into CS-ACS, either in the T+ payload or by other means ?
We need to see, in CS-ACS logs, both the Real IP and the NAT IP (we already have this one).
Thanks in advance.
01-29-2007 12:48 PM
I've looked at a tacacs+ auth request in ethereal and I'm pretty sure the source adress is lost. Also, if you review the rfc(http://www.cisco.com/warp/public/459/tac-rfc.1.76.txt) You will find that the is no source field.
02-12-2007 04:26 AM
Hi Dominic,
Thanks for your reply. Obviously, CS-ACS is an enterprise solution. We are in the outsourcing business / multi-client datacenter and we have to look at other avenues.
Regards.
-steve w.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide