Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

VRF and Tacacs authentication

I have an issue authenticating to a 4500 switch running VRF-lite using TACACS.

The switch IOS is 12.2(20)E.

I have multiple VRF instances configured with 1 specific one for management.

My config is:

aaa new-model

aaa authentication login default group tacacs+ local

aaa authorization exec default group tacacs+ local

aaa accounting commands 15 default stop-only group tacacs+

ip vrf Management

rd 6:1

route-target export 6:1

route-target import 6:1

interface Vlan848

description Management

ip vrf forwarding Management

ip address X

standby 105 ip X

standby 105 preempt

ip tacacs source-interface Vlan848

line vty 0 4

access-class 21 in vrf-also

password xxx

transport input ssh

I have read the Cisco article

Which refers to Per VRF Tacacs, however when trying to configure this as per the example most of the commands are not avilable to me.

Does anyone know if there are any specific TACACS commands used with VRF?

Many thanks.

New Member

Re: VRF and Tacacs authentication

Yes, but if you read the command reference you will find that the feature you are trying to use was introduced in 12.3(7)T and you are running 12.2(20)EW, so it's not yet avaialable in the code you have running.

Hope this helps.

New Member

Re: VRF and Tacacs authentication

Thanks for the reply.

I did note this and am planning to do a upgrade.

However I was wondering if this is actually what I am after or if there is some missing config.

It seemed like this should be available if the code supports VRF...

CreatePlease to create content