TACCAS issue

Unanswered Question
Feb 21st, 2008

Hi,

After changing our config from normal to vrf lite , my taccas is not working, I had same isssue with ntp but assign the config with vrf as below, "2ntp server vrf lite7200 10.190.2.1" and

its start working,Please see my config below for TACCAS,i am not sure whrere I can assign it to vrf.

""aaa authentication login default group tacacs+ line

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated none

aaa accounting suppress null-username

aaa accounting exec default stop-only group tacacs+

aaa accounting commands 15 default stop-only group tacacs+

aaa session-id common

ip subnet-zero

tacacs-server host 10.1.1.1 single-connection

tacacs-server directed-request ""

----------------

ping vrf lite7200 10.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

W2-7204VRF-1#ping 10.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Regards,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
mohammedrafiq Thu, 02/21/2008 - 07:51

Hi,

Thanks for your response, just not sure about the following command,Do I need this in my config?

Router (config-sg-tacacs+)# server-private port 19 key

Cos I already have the following commands in my config.

"# tacacs-server host 1.1.1.1

#tacacs-server key test123"

Regards,

royalblues Thu, 02/21/2008 - 08:06

I dont think it is needed

If it does not work, then configuring it would not hurt :-)

Narayan

mohammedrafiq Fri, 02/22/2008 - 09:22

Hi,

I am still unable to add vrf to tacacs,

Router(config-sg-tacacs+)#?

TACACS+ Server-group commands:

default Set a command to its defaults

exit Exit from TACACS+ server-group confguration mode

no Negate a command or set its defaults

server Specify a TACACS server

Router(config-sg-tacacs+)#Router(config-sg-tacacs+)#ip vrf ?

% Unrecognized command

=-----

I am running IOS

c7200-js-mz.123-23.bin

Regards,

mohammedrafiq Sat, 02/23/2008 - 04:59

Hi,

The following command is already configured but I cannot add #ip vrf # command some how, any idea?

#ip tacacs source-interface loopback0#

Regards,

mohammedrafiq Mon, 02/25/2008 - 05:34

Hi ,

I have upgrade my IOS from 12.2 to 12.3 as below but still unable to add ip vrf forwarding command under " aaa group server tacacs+ tacacs1"

Please can anyone shed a light on this issue?

--------

Router(config-sg-tacacs+)#?

TACACS+ Server-group commands:

default Set a command to its defaults

exit Exit from TACACS+ server-group confguration mode

no Negate a command or set its defaults

server Specify a TACACS server

Cisco Internetwork Operating System Software

IOS (tm) 7200 Software (C7200-JS-M), Version 12.3(25), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2008 by cisco Systems, Inc.

Compiled Tue 29-Jan-08 00:17 by alnguyen

ROM: System Bootstrap, Version 12.2(8r)B, RELEASE SOFTWARE (fc1)

BOOTLDR: 7200 Software (C7200-JS-M), Version 12.2(14)S, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

Router uptime is 0 minutes

System returned to ROM by reload at 15:23:43 UTC Sat Dec 18 2004

System image file is "disk2:c7200-js-mz.123-25.bin"

mohammedrafiq Mon, 02/25/2008 - 06:48

I have upgrade the image to 12.3 (14T), and its working now.

Thanks for all the people who respose to this mail.

Regards,

Actions

This Discussion