cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

3780
Views
0
Helpful
5
Replies
Highlighted
Beginner

"ip tacacs source-interface" command not working

I have a C-3750 L3 switch that's part of a project to get ACS-based authentication configured, and while I'm able to get most of the devices working, this one switch won't take the ip tacacs source-interface command. Can someone confirm whether this is an IOS issue?:

---C-3750-a(config)#ip tacacs source-interface loopback0

                                 ^

% Invalid input detected at '^' marker.

Current IOS on the device:

Switch Ports Model              SW Version            SW Image                

------ ----- -----              ----------            ----------              

*    1 28    WS-C3750G-24PS     12.2(44)SE            C3750-ADVIPSERVICESK9-M 

     2 28    WS-C3750G-24PS     12.2(44)SE            C3750-ADVIPSERVICESK9-M 

--

Thanks!

Everyone's tags (3)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Cisco Employee

"ip tacacs source-interface" command not working

Its a bug:-

CSCsm28901

"ip tacacs source-interface" command missing in 12.2.44SE.

Please move to another IOS.

View solution in original post

Highlighted
Cisco Employee

"ip tacacs source-interface" command not working

Since this is a known defect because ip tacacs source-interface" isn't available globally, you should be able to include it in a group configuration, for example:

tacacs-server host key

aaa group server tacacs+ TAC

server

ip tacacs source-interface

aaa authentication login default group TAC local

Let me know if you have any further queries.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin Katyal

View solution in original post

5 REPLIES 5
Highlighted
Cisco Employee

"ip tacacs source-interface" command not working

Its a bug:-

CSCsm28901

"ip tacacs source-interface" command missing in 12.2.44SE.

Please move to another IOS.

View solution in original post

Re: "ip tacacs source-interface" command not working

Instead of using the ip tacacs source-interface Loopback0 command in the global config mode, specify the source interface in the server group-

 

Example - 

aaa group server tacacs+ TACACS+_ISE
server-private <server IP> key <key>

ip tacacs source-interface Loopback0

Highlighted
Cisco Employee

"ip tacacs source-interface" command not working

Since this is a known defect because ip tacacs source-interface" isn't available globally, you should be able to include it in a group configuration, for example:

tacacs-server host key

aaa group server tacacs+ TAC

server

ip tacacs source-interface

aaa authentication login default group TAC local

Let me know if you have any further queries.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin Katyal

View solution in original post

Highlighted
Beginner

"ip tacacs source-interface" command not working

Thanks for confirming the fact that this is a bug. The workaround worked just fine. Thank you.

Highlighted
Cisco Employee

"ip tacacs source-interface" command not working

Uw. Thanks for updating/closing the thread.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin Katyal