06-11-2020 06:23 AM
Hi all, I´m trying to configure tacacs in an ASR920 router only with the DNS hostname using the command tacacs-server dns-alias-lookup but I have no luck to get it working.
can anyone check the config and tell me if it´s possible to do it?
aaa new-model
aaa authentication login default group TACPLUS local
aaa authentication enable default group TACPLUS enable
aaa authorization exec default group TACPLUS local
aaa authorization commands 15 default group TACPLUS
aaa accounting commands 0 default start-stop group TACPLUS
aaa accounting commands 1 default start-stop group TACPLUS
aaa accounting commands 15 default start-stop group tacacs+
tacacs-server dns-alias-lookup
tacacs server tac_plus
address ipv4 10.5.140.39
key 7 13341625182900182D102F0A
tacacs server tacacs01
key 7 13341625182900182D102F0A
aaa group server tacacs+ TACPLUS
ip tacacs source-interface Loopback1
CANNOT ADD THE SERVER TACACS01 BECAUSE IT DOESN´T HAVE AND ADDRESS CONFIGURED
thanks to all!
06-11-2020 08:28 PM
06-16-2020 06:01 AM
HI Francesco, I´m using the tacacs server command instead the tacacs-server host command, so I´m using the new method, but unfortunately I must configure a tacacs server IP address. If it´s possible to share me a link with an example will be great
Thanks
06-16-2020 08:40 PM
06-17-2020 07:05 AM
I didn't understand you before. I've opened a tac case maybe they can give me a roadmap or something. Thanks Francesco
06-17-2020 12:23 AM
Hello
@MPFMPF49115 wrote:
I´m using the new method, but unfortunately I must configure a tacacs server IP address. If it´s possible to share me a link with an example will be great
See attached..
07-02-2020 07:47 AM
HI Paul, IOS-XE version 16.12.3a has the fqnd option.
prueba_redes(config-server-tacacs)#address ?
fqdn fqdn, for address resolution from dns
ipv4 Configure ipv4 address for tacacs server
ipv6 Configure ipv6 address for tacacs server
it works!
acacs+ Server - public :
Server name: tacacs01_tacacs01_10.5.140.39
Server address: 10.5.140.39
Server port: 49
Socket opens: 53
Socket closes: 53
Socket aborts: 0
Socket errors: 0
Socket Timeouts: 0
Failed Connect Attempts: 0
Total Packets Sent: 55
Total Packets Recv: 55
Server Status: Alive
Continous Authc fail count: 0
Continous Authz fail count: 0
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide