3560 secondary ip address

Answered Question
Sep 20th, 2010

I've got L2 switch with a secondary IP address configured (for management purposes), it's connected to a ADSL router and we're 'natting' on the router to the secondary IP address - all seems to be working OK.

When we apply aaa to the L2 switch, it doesn't seem to respond to the tacacs server - does tacacs always work to the primary ip address ? or is there a way to communicate with the secondary address ?

Correct Answer by Kostas Kyriakos about 6 years 4 months ago

Hello.

Please try using ip tacacs source-interface but fisrt try pinging tacacs+ from this particular SVI using ping source .

Hope this helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Kostas Kyriakos Sun, 09/26/2010 - 09:42

Hello.

Please try using ip tacacs source-interface but fisrt try pinging tacacs+ from this particular SVI using ping source .

Hope this helps.

Rolf Fischer Mon, 03/14/2011 - 09:44

> lease try using ip tacacs source-interface

How do you do that?

As far as I see you can't assign IP-addresses as source-interface (at least with IOSs we're using):

ip tacacs source-interface

To use the IP address of a specified interface for all outgoing TACACS+ packets, use the ip tacacs source-interface command in global configuration mode. Use the no form of this command to disable use of the specified interface IP address.

ip tacacs source-interface subinterface-name

no ip tacacs source-interface

Syntax Description

subinterface-name

Name of the interface that TACACS+ uses for all of its outgoing packets.

Actions

This Discussion

Related Content