Hi Rick,

Thanks for taking the time to reply.

Firstly unfortuntely I cant give you IP addresses etc due to the fact that the network in question is a Restricted one so I have had to hash out that information..

The show ver and show run | i source are below

Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 12.2(52)SE, RELEASE SOFTWARE (fc3)

Copyright (c) 1986-2009 by Cisco Systems, Inc.

Compiled Fri 25-Sep-09 07:33 by sasyamal

Image text-base: 0x00003000, data-base: 0x02400000

ROM: Bootstrap program is C3750E boot loader

BOOTLDR: C3750E Boot Loader (C3750E-HBOOT-M) Version 12.2(44r)SE3, RELEASE SOFTWARE (fc3)

cisco WS-C3750E-24TD (PowerPC405) processor (revision G0) with 262144K bytes of memory.

Processor board ID xxxxxxxxxxx

Last reset from power-on

4 Virtual Ethernet interfaces

1 FastEthernet interface

28 Gigabit Ethernet interfaces

2 Ten Gigabit Ethernet interfaces

The password-recovery mechanism is enabled.

Switch Ports Model              SW Version            SW Image                

------ ----- -----              ----------            ----------              

*    1 30    WS-C3750E-24TD     12.2(52)SE            C3750E-UNIVERSALK9-M    

Configuration register is 0xF

**************************************************************************************************************

#show run | i source

ip tftp source-interface GigabitEthernet1/0/10

neighbor xxx.xxx.xxx.xxx update-source Vlan9

neighbor xxx.xxx.xxx.xxx update-source Vlan9

neighbor xxx.xxx.xxx.xxx update-source GigabitEthernet1/0/7

As you can see we do have some BGP running on the device which is what the current source commands are and there is no mention of the ip tacacs source-interface in the config.

I know for a fact that it does have the command and it is making a difference simply because before I put the command in, TACACS authentications were taking a few seconds (I assume due to the fact that switch was going through the different IP addresses on it) and once I put the source-interface command in, the TACACS authentication/authorisations are instant.

Urfan

I am not sure what else to suggest. But perhaps a simple experiment might shed some light on the issue. If you were to use the command ip tacacs source-interface and set it to some other interface different from what it is using now, then I wonder if the source-interface command would show up in the running config? Note that changing the source interface might cause tacacs to stop working, so you want to make sure that there is an alternate for authentication and authorization if tacacs is not responding. After making the change and seeing if the command shows up in the running config you should restore the command to the value that it is currently using.

HTH

Rick

Just an FYI:

You cannot see the "ip tacacs source-interface" command until you have configured the "tacacs-server" commands.