aaa requests with wrong ip address instead of tacacs source-interface

Unanswered Question
Jul 8th, 2007
User Badges:


i am just wondering that a network device is sending his requests to the acs appliance with another ip than the configured ip that is configured with the "ip tacacs source-interface" command.

The problem occured first when i was searching a network device in the TACACS+ Administration Report. I expected to filter the Loopback-IP configured with the "ip tacacs source-interface" command. But the network device (cisco CISCO7604) was answering with an ip configured on a VLAN-IP.

Does anybody have an idea about this behaviour?


Torsten Waibel

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
t.waibel Mon, 07/09/2007 - 06:11
User Badges:


this bug describes nearly our problem.

in our case the aaa authentication is still working. we only have problems with the identification of the NAS inside the TACACS+ Administration Report.

As we have only wildcards and no names for our network device groups we need to filter now for an ip which is configured on a routed interface instead of the tacacs source-interface.

We have this problem on Cisco 7600 Routers running ios 122-18.SXF5. So it seems that the bug is still not fixed.


Torsten Waibel


This Discussion