CSS11501 - source port and IP address for logging & TACACS

Unanswered Question
Jan 22nd, 2009

(1) What source IP address does a CSS (ver 7.5) use for (a) logging, (b) TACACS? Is it always the management port IP address? Can it be specified?

(2) What Eth port does a CSS (ver 7.5) use for (a) logging, (b) TACACS? Is it the management or a standard FE port. For TACACS it appears to be always the latter while the TACACS request still uses the IP address of the former? Is this correct? Can it be specified?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Fri, 01/23/2009 - 02:29

the source interface can't be specified.

The CSS will use the source interface based on the routing table.

It will take the ip of the exit interface to reach the TACACS server.

G.

michael.botha Wed, 01/28/2009 - 22:34

In my experience this seems to be partially correct.

Syslog, snmp-trap and icmp seem to use the management source interface based on the routing table. More specific routes added via "ip management route" command.

The tacacs however seems to ignore these routes specified via "ip management route".

Actions

This Discussion