Wired Networks

How can we specify TACACS source interface on a MAS?

Aruba Employee
Q:

1. What is the default source IP address for a TACACS request?

2. How can we change the it?

 



A:

1. Default source IP address in a TACACS request is the VLAN IP address used by MAS to reach the switch. This is decided by the routing table. Thus it can change if vlan goes down etc.

2. We can change it to a fixed address using following command:

(ArubaS2500-24P) (config) #aaa authentication-server tacacs new

(ArubaS2500-24P) (TACACS Server "new") #source-interface ?
loopback                Use IP address of the loopback
vlan                    Select VLAN of outgoing TACACS requests to this
                        server

We can set it to loopback or any vlan IP address.

3. This is supported in versions Aruba OS 7.4.1 and above.

Version history
Revision #:
2 of 2
Last update:
‎05-18-2016 01:17 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.