Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
15079
Views
4
Helpful
4
Replies

tacacs-server source interface

Go to solution
sblavanya
Level 1
Level 1

‎02-22-2010 07:58 AM - edited ‎03-06-2019 09:50 AM

Hi All

Just a quick one..

incase I have a tacacs server source-interface loopback0 command configured, and my loopback has no ip address , will the source packets go with the outgoing interface IP ?

I saw in command reference - "

The specified interface must have an IP address associated with it. If the specified subinterface does not have an IP address or is in a down state, TACACS+ reverts to the default. To avoid this situation, add an IP address to the subinterface or bring the interface to the up state"

what does TACACS+ reverts to default mean ? I dont think there is any default state associated with tacacs configuration right ?

Thanks

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to sblavanya

‎02-22-2010 09:21 AM 

sblavanya wrote:
Thanks Reza..
What happens if there is no loopback interface defined at all ? Does it still go back to default and take the VLAN IP?
Our issue is, we have many devices either with no IP on the loopback, or no loopback defined, and incase when standardizing, we apply the "ip tacacs source-interface loopback0" it shouldnt hamper tacacs communication, and take the VLAN IP address..
Thanks

Yes, it will use the outgoing interface vlan/IP.

If you do not have loopback addresses defined on your devices, there is no need sourcing your tacace commands from the loopback address.

it is just extra proccesing burdn added to the router CPU and not needed.

HTH

Reza

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎02-22-2010 08:56 AM

Hi,

By default it uses the outgoing interface IP.  If you specify loopback address with an IP then it uses the loopback IP and if there is no IP on the loopback interface then it reverts to default which means outgoing interface IP.

HTH

Reza

Go to solution
sblavanya
Level 1
Level 1
In response to Reza Sharifi

‎02-22-2010 09:10 AM

Thanks Reza..

What happens if there is no loopback interface defined at all ? Does it still go back to default and take the VLAN IP?

Our issue is, we have many devices either with no IP on the loopback, or no loopback defined, and incase when standardizing, we apply the "ip tacacs source-interface loopback0" it shouldnt hamper tacacs communication, and take the VLAN IP address..

Thanks

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to sblavanya

‎02-22-2010 09:21 AM 

sblavanya wrote:
Thanks Reza..
What happens if there is no loopback interface defined at all ? Does it still go back to default and take the VLAN IP?
Our issue is, we have many devices either with no IP on the loopback, or no loopback defined, and incase when standardizing, we apply the "ip tacacs source-interface loopback0" it shouldnt hamper tacacs communication, and take the VLAN IP address..
Thanks

Yes, it will use the outgoing interface vlan/IP.

If you do not have loopback addresses defined on your devices, there is no need sourcing your tacace commands from the loopback address.

it is just extra proccesing burdn added to the router CPU and not needed.

HTH

Reza

0 Helpful

Go to solution
sblavanya
Level 1
Level 1
In response to Reza Sharifi

‎02-22-2010 09:43 AM

Thanks Reza.

Ya.. Im aware of the fact not to source tacacs on interfaces which arent defined, but sometimes people push policies of NCM, where it is statically defined to push, and that shouldnt break any coomunication...

Thanks again for the help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card