[c-nsp] TACACS+ source-interface in 12.2(33)SRB
Justin Shore
justin at justinshore.com
Wed Mar 14 09:21:08 EST 2007
I just put 12.2(33)SRB on a router we have in testing. We'll be moving
all our Sup720-3BXLs to SRB in the near future for CALEA support. I
rebooted that Sup this morning and noticed upon reboot that it would not
auth me via SSH. I checked the logs on my AAA server and found that the
TACACS packets were coming from an interface IP and not from Lo0 like
I had previously configured prior to the reboot. I changed my TACACS
server config to match the packet coming it and it fixed the problem.
When I went to add the missing command to the 720-3BXL, ip tacacs
source-interface Lo0, it would not take it. SRA1 had this feature and
just about every IOS I've used in the last 5+ years. SRB appears to
have either removed the feature or moved it to another command in the
config tree. Source interface commands are still available for NTP,
syslog, and FTP I know.
Does anyone know if this command is a goner or if it just moved to
somewhere else? I haven't been able to find any docs online.
Thanks
Justin
More information about the cisco-nsp
mailing list