aaa default client

Unanswered Question
Sep 21st, 2007

I'm setting up a new TACACS server and would like to use a wildcard ip address in the client configuration rather than enter all 242 devices (or import them in). Is there a reason why I shouldn't do this?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Sun, 09/23/2007 - 16:48


If you use the wildcard then your server will treat every source that sends it traffic on the correct port as a valid client. From a security perspective that seems to me to be a pretty big hole in your security posture.




This Discussion