Our AS5300 IOS version 12.2(17)a, is configured with two Group-async interfaces, and 96 modems. The modems are split between the two interfaces. At this time we have both group-async interfaces configured to use the same tacacs server for authentication.
I want to send one group to the one tacacs server, which is actually a SafeWord server, but I want the other group to be authentication using LDAP, which means sending them to another tacacs server which interfaces with an LDAP server.
I tried putting two tacacs server commands in the router put can't find away to point the groups to either one.
How can I do this?
Here is part of the AS5300 config:
modem-pool hcs
pool-range 65-96
called-number 6084 max-conn 32
!
modem-pool ghc
pool-range 1-48,49-60
called-number 6779 max-conn 60
!
!
interface Group-Async1
ip unnumbered Ethernet0
encapsulation ppp
async mode interactive
ipx ppp-client Loopback0
peer default ip address pool default
no fair-queue
ppp authentication pap if-needed
ppp use-tacacs
group-range 1 60
!
interface Group-Async2
ip unnumbered Ethernet0
encapsulation ppp
async mode interactive
ipx ppp-client Loopback0
peer default ip address pool default
no fair-queue
ppp authentication pap if-needed
ppp use-tacacs
group-range 65 96
!
tacacs-server host 164.12.123.123