[c-nsp] 12.2(33)SRB, ip tacacs command on 7604
Justin Shore
justin at justinshore.com
Wed Sep 26 22:05:56 EDT 2007
Christian Bering wrote:
>> aaa group server tacacs+ tacmethod
>> server-private x.x.x key 7 yyyyyy
>> ip tacacs source-interface Loopback0
>
> That worked for us but not until I removed the old parts:
>
> no tacacs-server host x.x.x.x
> no tacacs-server directed-request
> no tacacs-server key yyyy
This didn't fix it for us unfortunately.
> Crashed the router once while fiddling around with it but it got
> working.
We didn't crash but we had 99% CPU due to a TACACS bug that was
exasperated by the whole situation.
> But I have to recommend against SRB in a production environment. SRB1
> also. Wait for SRB2 if possible.
Unfortunately many of us service providers in the US are stuck in a
situation we we're legally required to run SRB or later to get a
specific feature, namely CALEA support.
Justin
More information about the cisco-nsp
mailing list