Caution:
1) The entered key must match the key used by the TACACS+ server.
2) All the leading spaces and ending spaces in a key string will be ignored. In addition, a key that
contains spaces in the middle is not supported.
2.4.5 Specify a Source IP Address for the TACACS+ Packets to be
Transmitted
You can specify a source IP address for the TACACS+ packets sent from different
interfaces on the router. In this way, the TACACS+ server will contact the router only
at that IP address.
A TACACS+ server requires the administrator to register all the TACACS+ clients. The
clients are scrutinized on the basis of their source IP address. Therefore, the different
interfaces on the same router are regarded by the TACACS+ server as different
clients. Whenever the TACACS+ server receives a packet carrying an unregistered
source IP address, it regards the packet as illegal and hence does no processing on
it.
Caution:
You must make sure that the specified source IP address is the IP address of some interface on the
router, and that the server maintains the route to that IP address. You can configure a loopback interface
on the router, specify an IP address for it, and use this address as the source IP address of the
TACACS+ packets.
Perform the following configuration in system view.
Table 2-6 Specify the source IP address for the transmitted TACACS+ packets
Operation Command
Configure the source IP address for the
transmitted TACACS+ packets
source-ip
{
ip-address
|
interface
interface-type
interface-number
}
Remove the source IP address specified for
the TACACS+ packets to be transmitted
undo source-ip
By default, the source IP address is the IP address of the interface where the
TACACS+ packets are sent.
3Com Router Configuration Guide Addendum for V1.20
22