tacacs source-interface
To specify the source IP address of a selected interface for all outgoing TACACS+ packets, use the
tacacs source-interface command. To disable use of the specified interface IP address, use the no form of
this command.
tacacs source-interface type path-id [vrf vrf-id]
no tacacs source-interface type path-id
Syntax Description
Interface type. For more information, use the question mark (?) online help function.
type
Physical interface or virtual interface.
Use the show interfaces command in EXEC mode to see a list of all interfaces
currently configured on the router.
Note
For more information about the syntax for the router, use the question mark (?) online
help function.
path-id
Specifies the name of the assigned VRF.
vrf vrf-id
Command Default
If a specific source interface is not configured, or the interface is down or does not have an IP address
configured, the system selects an IP address.
Command Modes
Global configuration mode
Command History
ModificationRelease
This command was introduced.Release 2.0
The vrf keyword was added.Release 4.1.0
Usage Guidelines
Use the tacacs source-interface command to set the IP address of the specified interface for all outgoing
TACACS+ packets. This address is used as long as the interface is in the up state. In this way, the TACACS+
server can use one IP address entry associated with the network access client instead of maintaining a list of
all IP addresses.
This command is especially useful in cases where the router has many interfaces and you want to ensure that
all TACACS+ packets from a particular router have the same IP address.
When the specified interface does not have an IP address or is in a down state, TACACS+ behaves as if no
source interface configuration is used.
Cisco IOS XR System Security Command Reference for the Cisco CRS Router, Release 4.1
OL-24740-01 105
Authentication, Authorization, and Accounting Commands
tacacs source-interface
To Next Page
Loading...
Need help?
General
