aaa requests with wrong ip address instead of tacacs source-interface

Unanswered Question
Jul 8th, 2007

Hi,

i am just wondering that a network device is sending his requests to the acs appliance with another ip than the configured ip that is configured with the "ip tacacs source-interface" command.

The problem occured first when i was searching a network device in the TACACS+ Administration Report. I expected to filter the Loopback-IP configured with the "ip tacacs source-interface" command. But the network device (cisco CISCO7604) was answering with an ip configured on a VLAN-IP.

Does anybody have an idea about this behaviour?

Thanks

Torsten Waibel

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
t.waibel Mon, 07/09/2007 - 06:11

Hi,

this bug describes nearly our problem.

in our case the aaa authentication is still working. we only have problems with the identification of the NAS inside the TACACS+ Administration Report.

As we have only wildcards and no names for our network device groups we need to filter now for an ip which is configured on a routed interface instead of the tacacs source-interface.

We have this problem on Cisco 7600 Routers running ios 122-18.SXF5. So it seems that the bug is still not fixed.

Regards

Torsten Waibel

Actions

This Discussion