03-11-2008 08:03 AM - edited 03-10-2019 03:42 PM
I have created a per-VRF TACACS config on a couple of network devices. I can ping the ACS servers through the VRF. TACACS makes the attempt to contact the servers, but the following message shows up in the log when I debug TACACS:
*Mar 11 08:57:38 starts: TAC+: Opening TCP/IP to x.x.x.x/49 timeout=5
*Mar 11 08:57:38 starts: TAC+: TCP/IP open to x.x.x.x/49 failed -- Address already in use
I can't find anything on CCO that references the "Address already in use" message.
Has anyone run into this?
03-11-2008 09:10 AM
FYI: If anyone else runs into this, it's a known bug. The bug ID is CSCsl45701. The workaround is to use a source-interface in the global table. The URL for the bug is:
03-26-2008 07:03 AM
Hi,
I have a similar issue, but the server group configuartion also goes missing. This is on a 6500 running 12.2.33SXH. Did your server group go missing from the running config?
Thanks.
03-26-2008 03:52 PM
Hmmm...no, the server group is still there. Did you see the other post which describes the bug ID? The link to the bug is:
Do you get the IP address is in use log message?
03-27-2008 02:31 AM
Hi,
Saw the bug, we get address in use message, but that seems to be due to the aaa group missing.
04-14-2008 08:42 AM
we ran into it on modular IOS 12.2(33)SXH1
we found that if we reverted to non-modular IOS 12.2(33)SXH1, the issue was resolved and we had no issues.
04-14-2008 09:04 AM
That is very good news; I will give it a shot. Thanks for the post.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide