Tacacs+ over VRF

Unanswered Question

Hi,


We've 4 CAT3750ME configured as layer3 MPLS devices for our core network. I'm trying to configure Tacacs on these devices but I'm facing some difficulities.


On Cisco web site, I found the document titled "Per VRF for TACACS+ Severs": http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080434619.html

explaining how to configure a AAA server group adding the commands under it, mentioning that this feature was first introduced on release 12.3(7)T


The problem I'm facing is that the latest IOS version for the 3750ME is 12.2.37-SE (ED)!


Did anyone managed to configure Tacacs in similar situation. The route to the Tacacs server is only known by the vrf routing table, i.e.:


SW3414#sh ip route 10.300.156.75

% Network not in table

!

SW3414#sh ip route vrf MainData 10.300.156.75

Routing entry for 10.300.156.75/32

Known via "ospf 100", distance 110, metric 1

Tag Complete, Path Length == 0, , type extern 2, forward metric 10

Redistributing via bgp 65530

Advertised by bgp 65530 route-map ROUTES-IN

Last update from 10.200.31.21 on Vlan104, 00:36:08 ago

Routing Descriptor Blocks:

* 10.200.31.21, from 10.100.0.3, 00:36:08 ago, via Vlan104

Route metric is 1, traffic share count is 1

Route tag 3221225472


As you would notice from the above, we use iBGP to carry OSPF routes between the four 3750ME switches where OSPF is used for sites hanging off those ME's


Thanks,

Daniel

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.
hadbou Wed, 07/18/2007 - 08:41
User Badges:
  • Bronze, 100 points or more

Enhanced support for the provisioning of Metro Ethernet services - These features include VLAN translation (you can enable one-to-one or two-to-one VLAN translation), storm control settings, enhanced Policy for Virtual Circuit ID (VC ID) attributes, Cisco Catalyst? 6500 Series Supervisor Engine 720 support on Cisco 7600 Series routers (no longer require the Optical Service Module [OSM] card), Cisco Catalyst 3750 Metro Series switches, and UNI Port Security.

Actions

This Discussion