You are getting requests from a network device that is not defined under AAA clients (Network Configuration). You can use wild cards to allow any address, or you can setup individual devices.
I agree with David that the reason you are getting these messages is that some device in your network is configured to use your TACACS server but the server is not configured to talk to the IP address that is in the source address of the TACACS packet. There can be two reasons this happens: the server is not configured for this client device at all, or the server is configured to talk to this client device using a different IP address. If the client device has more than one interface which it can use to send to the TACACS server then the server might receive packets from either interface and each one uses its own address as the source address by default. In this situation it is very useful to configure: ip tacacs source-address
to specify which address the client should use. It is probably best practice to specify a loopback address for this.
HTH
Rick
HTH
Rick
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
