I've got L2 switch with a secondary IP address configured (for management purposes), it's connected to a ADSL router and we're 'natting' on the router to the secondary IP address - all seems to be working OK.
When we apply aaa to the L2 switch, it doesn't seem to respond to the tacacs server - does tacacs always work to the primary ip address ? or is there a way to communicate with the secondary address ?
Please try using ip tacacs source-interface but fisrt try pinging tacacs+ from this particular SVI using ping source .
Hope this helps.