Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
805
Views
1
Helpful
1
Replies

Tacacs+ over VRF

alk1000
Level 1
Level 1

‎07-11-2007 02:54 PM - edited ‎03-03-2019 05:49 PM

Hi,

We've 4 CAT3750ME configured as layer3 MPLS devices for our core network. I'm trying to configure Tacacs on these devices but I'm facing some difficulities.

On Cisco web site, I found the document titled "Per VRF for TACACS+ Severs": http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080434619.html

explaining how to configure a AAA server group adding the commands under it, mentioning that this feature was first introduced on release 12.3(7)T

The problem I'm facing is that the latest IOS version for the 3750ME is 12.2.37-SE (ED)!

Did anyone managed to configure Tacacs in similar situation. The route to the Tacacs server is only known by the vrf routing table, i.e.:

SW3414#sh ip route 10.300.156.75

% Network not in table

!

SW3414#sh ip route vrf MainData 10.300.156.75

Routing entry for 10.300.156.75/32

Known via "ospf 100", distance 110, metric 1

Tag Complete, Path Length == 0, , type extern 2, forward metric 10

Redistributing via bgp 65530

Advertised by bgp 65530 route-map ROUTES-IN

Last update from 10.200.31.21 on Vlan104, 00:36:08 ago

Routing Descriptor Blocks:

* 10.200.31.21, from 10.100.0.3, 00:36:08 ago, via Vlan104

Route metric is 1, traffic share count is 1

Route tag 3221225472

As you would notice from the above, we use iBGP to carry OSPF routes between the four 3750ME switches where OSPF is used for sites hanging off those ME's

Thanks,

Daniel

Labels:
0 Helpful
1 Reply 1

hadbou
Level 5
Level 5

‎07-18-2007 08:41 AM

Enhanced support for the provisioning of Metro Ethernet services - These features include VLAN translation (you can enable one-to-one or two-to-one VLAN translation), storm control settings, enhanced Policy for Virtual Circuit ID (VC ID) attributes, Cisco Catalyst? 6500 Series Supervisor Engine 720 support on Cisco 7600 Series routers (no longer require the Optical Service Module [OSM] card), Cisco Catalyst 3750 Metro Series switches, and UNI Port Security.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card