[c-nsp] tacacs+ an nexus 5010

Arne Larsen / Region Nordjylland arla at rn.dk
Wed Jul 1 07:26:49 EDT 2009


I guess, I can fid that command, I've seen in doc also. But the config points to mng vrf.

aaa group server tacacs+ REG_TAC
    server xxx.xxxx.xxx.xxx
    deadtime 5
    use-vrf management

/Arne

-----Oprindelig meddelelse-----
Fra: Tom Lanyon [mailto:tom at netspot.com.au]
Sendt: 1. juli 2009 10:09
Til: Arne Larsen / Region Nordjylland
Cc: cisco-nsp
Emne: Re: [c-nsp] tacacs+ an nexus 5010

>> No, it should be right. My problem is that if I do a tcpdump on the
>> tacacs+ server I dont see anything from the nexus.
>> It's like it doesn't leave the box at all.
>
> or is blocked elsewhere - check the network that the TACACS+ traffic
> is being sent on and check ACLs etc that might be in the way on the
> way to the server. check firewall on server to ensure such traffic is
> allowed.  ping and telnet are okay but they wont test the actual
> method used.


... and are you using the correct 'ip tacacs source-interface' to source the traffic?


More information about the cisco-nsp mailing list