Wired Networks

How to set the source IP address for TACACS configuration?
Requirement:

MAS switch / stack running 7.4 and above.

 



Solution:

 

We can set the source interface for TACACS in two ways:

 

a. Globally.

b. Per TACACS server config.

 

When both of the above are configured, the switch will use the one configured on respective server config.



Configuration:

 

Let us verify the default settings:

(ArubaS3500-24P-US) #show ip tacacs source-interface

Global TACACS source interface:
            vlan: 0
              ip: 0.0.0.0
        loopback: disabled

Per-server client source IP addresses:

 

Let us configure it globally:


(ArubaS3500-24P-US) (config) #ip tacacs source-interface vlan 1

 

Now let us configure it per TACACS server:


(ArubaS3500-24P-US) (config) # aaa authentication-server tacacs test
(ArubaS3500-24P-US) (TACACS Server "test") #source-interface vlan 2
(ArubaS3500-24P-US) (TACACS Server "test") #exit

 

 

 



Verification
(ArubaS3500-24P-US) #show ip tacacs source-interface

Global TACACS source interface:
            vlan: 1
              ip: 10.17.171.2
        loopback: disabled

Per-server client source IP addresses:
        Server "test":  vlan 2, IP 10.150.2.2

 

Version history
Revision #:
2 of 2
Last update:
‎03-24-2017 09:14 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.