Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
AAA requests sent by Router / Switch to Cisco Secure ACS server fails as it contains wrong source IP address
This issue is due to presence of Cisco bug ID CSCsd46369.
In this issue the packets sent by the router or switch contain the wrong IP source address, even though the configuraiton identifies a specific interface to be used as the IP source address. The TACACS+ server rejects some of the AAA requests since they arrive with an unknown IP source address.
This issue is typically observerd on a 3845 that runs Cisco IOS Software Release 12.4(5) (c3845-adventerprisek9_sna-mz.124-5.bin).
The configuration included the line:
ip tacacs source-interface Loopback0
The workaround for this issue is to configure entries for each IP address in use at each NAS on TACACS+ server.
In order to completely resolve this issue, upgrade the router to any of these software releases: