Wired Intelligent Edge (Campus Switching and Routing)

How can we specify TACACS source interface on a MAS?


1. What is the default source IP address for a TACACS request?

2. How can we change the it?



1. Default source IP address in a TACACS request is the VLAN IP address used by MAS to reach the switch. This is decided by the routing table. Thus it can change if vlan goes down etc.

2. We can change it to a fixed address using following command:

(ArubaS2500-24P) (config) #aaa authentication-server tacacs new

(ArubaS2500-24P) (TACACS Server "new") #source-interface ?
loopback                Use IP address of the loopback
vlan                    Select VLAN of outgoing TACACS requests to this

We can set it to loopback or any vlan IP address.

3. This is supported in versions Aruba OS 7.4.1 and above.

Version history
Revision #:
2 of 2
Last update:
‎05-18-2016 01:17 PM
Updated by:
Labels (1)