Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
687
Views
0
Helpful
4
Replies

what is the purpose of switch cmd ip tacacs source-interface vlan X

adeebtaqui
Level 4
Level 4

‎07-20-2023 12:49 AM

what is the purpose of switch cmd "ip tacacs source-interface vlan X(mgmt)"?  Is it a must to configure or more secure ?

Labels:
0 Helpful
4 Replies 4

DanielP211
VIP Alumni
VIP Alumni

‎07-20-2023 01:03 AM

To source the tacacs traffic from a specific interface/vlan (in case you have more).

****Kindly rate all useful posts*****
0 Helpful

Flavio Miranda
VIP
VIP

‎07-20-2023 01:51 AM

Hi @adeebtaqui 

 It is not a must. And it is more secure in the sense that you can have a better control on from where you send the tacacs request. But keep in mind that if you change the source for tacacs you must update the tacacs server, otherwise you can be locked out from the device.

0 Helpful

MHM Cisco World
VIP
VIP

‎07-20-2023 02:04 AM

Not mandatory to config 

BUT case you  need it 

If there is FW and FW allow one IP through acl and nat here you need to specify mgmt IP 

Many many cases I see' the sw is l2 not l3 so there is defualt gw and no ip routing' and default gw is reachable via only mgmt subnet' here mandatory you need to specify mgmt IP as source to connect server

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎07-20-2023 09:14 AM

Without it, the tacacs server, I recall, will see the IP of the device's L3 egress interface which might differ if there are different possible paths between devices.

0 Helpful
Customers Also Viewed These Support Documents