I have configured the Cisco ACS server. It is working fine with all the switches except for the switch which has got multiple VLAN interfaces. What could be the problem? Was it because it has got multiple interfaces & multiple IP addresses?
Everything is perfect, I mean the key #, TACACS server IP address; the switch is also reachable from the TACACS server (ACS).
aaa authentication login default group tacacs+ enable local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa accounting exec default start-stop group tacacs+
tacacs-server host 10.203.1.92 key checkingtheswitch
Tried with 2950/2950/3550/3750 as the edge switches, it works fine, but it doesn't work on the 3750 which is the VLAN server having multiple VLAN interfaces.
I think it is likely that your TACACS requests to the ACS server are being sourced from an interface address that is not the address that you configured on the server for this switch. In configuring the ACS server you can identify only a single IP address for each remote device. The remote device must use that IP address as the source address in its TACACS requests. In remote devices with a single VLAN or a single interface into the part of the network where the ACS server is located, the situation is easy because the remote device will automatically use the correct address. But in devices which have multiple VLANs or multiple interfaces into the part of the network where the ACS server is located it is possible that the device will use a different address as the source address of the TACACS request.
The way to fix this issue is to use the command ip tacacs source-interface and to specify the interface with the address that corresponds to the address configured in the ACS server.
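
An added example, not part of the original posts: a Python check that reads a saved running-config and reports whether TACACS+ requests are pinned to the address registered for the switch in ACS. The sample config, interface names and addresses are constructed, and l3_interfaces and audit_tacacs_source are hypothetical helper names.

```python
import re

# Constructed sample running-config: interface names and addresses are made up
# for illustration; only the tacacs-server line mirrors the original post.
SAMPLE_CONFIG = """\
interface Vlan10
 ip address 10.203.10.1 255.255.255.0
!
interface Vlan20
 ip address 10.203.20.1 255.255.255.0
!
interface Vlan30
 no ip address
!
tacacs-server host 10.203.1.92 key checkingtheswitch
"""

def l3_interfaces(config):
    """Map interface name -> primary IPv4 address (secondary addresses skipped)."""
    addrs, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = m.group(1)
            continue
        if not line.startswith(" "):
            current = None  # left the interface sub-block
        m = re.match(r"\s+ip address (\d+\.\d+\.\d+\.\d+) \S+\s*$", line)
        if m and current:
            addrs[current] = m.group(1)
    return addrs

def audit_tacacs_source(config, acs_client_ip):
    """Return (ok, message): are TACACS+ requests sourced from acs_client_ip?"""
    addrs = l3_interfaces(config)
    m = re.search(r"^ip tacacs source-interface (\S+)", config, re.M)
    if m is None:
        if len(addrs) > 1:
            # Without the command the source is the egress interface's address.
            return False, "no source-interface set, %d addressed interfaces" % len(addrs)
        return (acs_client_ip in addrs.values(),
                "single addressed interface: %s" % ", ".join(addrs.values()))
    src_ip = addrs.get(m.group(1))
    if src_ip != acs_client_ip:
        return False, "%s has %s, ACS expects %s" % (m.group(1), src_ip, acs_client_ip)
    return True, "%s matches ACS client address %s" % (m.group(1), src_ip)
```

Run it against each switch's saved configuration together with the client address entered for that switch in ACS; a False result on a multi-VLAN switch points at the mismatch described in the answer above.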