HI,
I have a Cisco ACI environment running Version: 1.2(1i) and I configured TACACS on the APICs together with all the necessary attributes on the Cisco ACS server.
I can login to the APICs using the TACACS account and i have the right authorization.
However, if I SSH to the leaves, I can only use the local admin account.No TACACS seem to be possible.I don't see any TACACS connection to the ACS servers being originated from the leaf.
Beside this, I didn't find any way of configuring TACACS specifically for the leaves.
As a side note, I am only using OOB management for the leaves.
If I issue a show tacacs-server on the leaf, I see that the source-interface is set as any available.
Leaf# show tacacs-server
timeout value:5
deadtime value:0
source interface:any available
total number of servers:2
following TACACS+ servers are configured:
x.x.x.x:
available on port:49
y.y.y.y:
available on port:49
Any ideas?
