I have a VPN site to site tunnel between a 3000 series concentrator and a Cisco router, with the router being the remote end. I would like to be able to use TACACS for my AAA services on the router. The routers inside interface address is 172.16.1.1, and my crypto map acl allows the entire 172.16.1.0 255.255.255.0 subnet to talk to the head end, with the reverse crypto map acl on the concentrator. Traffic passes fine, but if I try to telnet to the router, its not prompting me for TACACS. I'm pretty sure my TACACS config is ok. Should I be able to use TACACS across the vpn. The TACACS server is on the head end, by the way, and its address is within the crypto map acl.
I have this problem too.