[c-nsp] VRF Tacacs leaking question

mihai at duras.ro mihai at duras.ro
Tue Jan 29 03:49:47 EST 2008


On Tue, January 29, 2008 10:33 am, mihai at duras.ro wrote:
> Hello all,
>
>
>
> I'm having some problems with a C7600 unto which I created several VRFs.
>
>
> One of these VRFs also contains a Tacacs server that I use for
> authenticating several devices inside that VRF.
>
> I also would like to authenticate the C7600 to it.
>
>
>
> How can I accomplish this or what suggestions do you have ?
>
>
> (I tried leaking routes from the global table into the VRF and vice-versa
>  but didn't succeed in getting any results, the logs reported looping
> packet for the reply from the VRF with the tacacs server to the loopback
> in the global table).
>
>
>
>

Hello,

Ignore that last message.

I just solved it using AAA per VRF (per VRF for Tacacs+) from here:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gt_pvt.htm#wp1046887





More information about the cisco-nsp mailing list