Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Dynamic IP/Tacacs+ problem

Hi,

I have several sites using Cisco 877 routers connecting to the Internet through a broadband connection. The ISP is giving us a dynamic ip to the routers. I want to reach an ACS server (using Dynamic DNS) to authenticate users to have access to the internet.

Can the router be configured to look for the Tacacs server using the server domain (www.whatever.com), instead of the ip address? If so, how?

Any help will be very much appreciated.

Regards,

Eduardo

2 REPLIES
New Member

Re: Dynamic IP/Tacacs+ problem

The 877 router can be configured to access the Tacacs server, 877 router supports Radius and Tacacs.

http://cisco.com/en/US/products/hw/routers/ps380/products_data_sheet0900aecd8028a976.html

Re: Dynamic IP/Tacacs+ problem

You may consider using a dynamically negotiated IPsec tunnel and use the local ethernet on the router (mostly a private IP) to authenticate. You can force the interface to be used for authentication using the command:

ip radius source-interface ...

In that way, you will always have a unique ip for authentication.

Regards,

Leo

296
Views
0
Helpful
2
Replies
CreatePlease login to create content