Wednesday, November 20, 2013

Problem in configuring the TACACS server - How can we configure IP TACACS source address?

On our router two IP addresses are configured as mentioned below and we are not able to configure the TACACS server due to source address issue where we can only configure source interface which is taking source IP address Please let us know if there is any config where we can configure IP tacacs source address as a instead of source interface.
interface FastEthernet0/0
description # CONNECTED TO LAN #
ip address secondary
ip address

When you set up a source interface, it will always take the primary address as the source. You can set up another ip address on a loopback interface, but you wouldn't be able to use the subnet on the loopback as it's already used as a secondary on the lan interface.

You could set up a loopback interface that references the host like:

int lo1
ip address

You'd have to set this up for routing so the tacacs server could get to it, but those are a couple of options. The other option is to swap the two addresses if you need them both on the lan interface.

