How can we specify TACACS source interface on a MAS?
1. What is the default source IP address for a TACACS request?
2. How can we change the it?
1. Default source IP address in a TACACS request is the VLAN IP address used by MAS to reach the switch. This is decided by the routing table. Thus it can change if vlan goes down etc.
2. We can change it to a fixed address using following command:
(ArubaS2500-24P) (config) #aaa authentication-server tacacs new (ArubaS2500-24P) (TACACS Server "new") #source-interface ? loopback Use IP address of the loopback vlan Select VLAN of outgoing TACACS requests to this server
We can set it to loopback or any vlan IP address.
3. This is supported in versions Aruba OS 7.4.1 and above.