Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
583
Views
5
Helpful
2
Replies

aaa requests with wrong ip address instead of tacacs source-interface

t.waibel
Level 1
Level 1

‎07-08-2007 11:52 PM - edited ‎03-10-2019 03:15 PM

Hi,

i am just wondering that a network device is sending his requests to the acs appliance with another ip than the configured ip that is configured with the "ip tacacs source-interface" command.

The problem occured first when i was searching a network device in the TACACS+ Administration Report. I expected to filter the Loopback-IP configured with the "ip tacacs source-interface" command. But the network device (cisco CISCO7604) was answering with an ip configured on a VLAN-IP.

Does anybody have an idea about this behaviour?

Thanks

Torsten Waibel

Labels:
0 Helpful
2 Replies 2

Premdeep Banga
Level 7
Level 7

‎07-09-2007 03:57 AM

Check if this applies,

CSCdv62649 : ip tacacs source-interface not working

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCdv62649

Regards,

Prem

t.waibel
Level 1
Level 1
In response to Premdeep Banga

‎07-09-2007 06:11 AM

Hi,

this bug describes nearly our problem.

in our case the aaa authentication is still working. we only have problems with the identification of the NAS inside the TACACS+ Administration Report.

As we have only wildcards and no names for our network device groups we need to filter now for an ip which is configured on a routed interface instead of the tacacs source-interface.

We have this problem on Cisco 7600 Routers running ios 122-18.SXF5. So it seems that the bug is still not fixed.

Regards

Torsten Waibel

0 Helpful
Customers Also Viewed These Support Documents