Showing results for 
Search instead for 
Did you mean: 

which is the equivalent to "ip tacacs source-interface" in FW ASA

Hi. I need to authenticated my Cisco ASA with a Tacacs Server that is located through the outside interface. But I need specified the request with the ip address inside. I've been searching but can't find anything . Someone know how can I do this?ASA, tacacs, authentication, AAA

4 Replies 4

VIP Advisor VIP Advisor
VIP Advisor

If your tacas server is at outside in that case you have to specify the outside interace. unless you do a nat


Sorrry i did not read properly


aaa-server Name (outside) host X.X.X.X


*Name = Enter a AAA server group

please do not forget to rate.

Hi. Umm no. That It's a normal configuration. But our case. The tacacs server doesn't allow IP of the outside subnet (it's public). the server only allows IP addresses from the Inside segment 



Is there a site to site vpn between ASA and the Tacacs? might you consider creating one as you request is the Tacacs server only allow the inside address. having a site to site tunnel will fix this issue.

please do not forget to rate.

VIP Community Legend VIP Community Legend
VIP Community Legend

example :


 aaa-server servergroup1 outside host x.x.x.x


***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers