09-26-2013 01:04 PM - edited 03-10-2019 08:56 PM
Setup a TACACS server on out network to control console and telnet access to routers and switches. Most of our remote routers have multiple wan paths to the TACACS servers and may present a different IP address depending on which path is available or least busy. This causes an authentication failure that denies access to the equipment. Is there a way to configure the router to always send a specific address, either a loopback or internal LAN IP?
Solved! Go to Solution.
09-26-2013 01:09 PM
you may also go through the below listed link
http://my.safaribooksonline.com/book/networking/cisco-ios/0596527225/tacacsplus/i85779__heada__4_7
~BR
Jatin Katyal
**Do rate helpful posts**
09-26-2013 01:07 PM
yes.
ip tacacs source-interface interface/vlan id
~BR
Jatin Katyal
**Do rate helpful posts**
09-26-2013 01:09 PM
you may also go through the below listed link
http://my.safaribooksonline.com/book/networking/cisco-ios/0596527225/tacacsplus/i85779__heada__4_7
~BR
Jatin Katyal
**Do rate helpful posts**
09-30-2013 02:57 AM
Did you get that working with the above suggested command?
~BR
Jatin Katyal
**Do rate helpful posts**
09-30-2013 05:57 AM
Thank you. That worked!
09-30-2013 08:05 AM
Thanks for updating the thread.
~BR
Jatin Katyal
**Do rate helpful posts**
09-26-2013 11:26 PM
Hi
FYI,
Device Filter—Filters a network device (AAA client) that acts as a Policy Enforcement Point (PEP) to the end station based on the network device's IP address or name, or the network device group that it belongs to.
The device identifier can be the IP address or name of the device, or it can be based on the network device group to which the device belongs.
The IP address is a protocol-agnostic attribute of type IPv4 that contains a copy of the device IP address obtained from the request:
–In a RADIUS request, if Attribute 4 (NAS-IP-Address) is present, ACS obtains the IP address from Attribute 4; otherwise, if Attribute 32 (NAS-Identifier) is present, ACS obtains the IP address from Attribute 32, or it obtains the IP address from the packet that it receives.
–In a TACACS request, the IP address is obtained from the packet that ACS receives.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide