Is there any method to configure the source address of Tacacs packets generated on our controller ( OS 6.1.1.0 ) Ideally we would like to use the loopback address.
Many Thanks
Mike
There is currently no way to configure the TACACS source interface.
It tends to use the VLAN interface that is in the same subnet as the loopback address.
Many thanks for the reply much appreciated - our testing tends to confirm your statement and the Tacacs source address seems to be the the egress SVM and not the loopback.
Please submit a feature request on the idea portal if you'd like to see this feature.
What would the controller use if no loopback address is configured? the "controller-ip" configured address?
I'm not 100% on this but we've seen it use the lowest IP address of any interface.
I have added a new post to the Idea Portal requesting the ability to configure the source address use to craft Tacacs packets on the controller - once again thanks for all the replies regarding this!
Regards
This feature is enabled starting from 6.5.2 code. Check this http://www.arubanetworks.com/techdocs/ArubaOS_6_5_3_X_Web_Help/Content/ArubaFrameStyles/1CommandList/aaa_authentication_serve3.htm
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.