Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

tacacs source-interface

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the tacacs source-interfacecommand to set the IP address of the specified interface for all outgoing TACACS+ packets. This address is used as long as the interface is in the up state. In this way, the TACACS+ server can use one IP address entry associated with the network access client instead of maintaining a list of all IP addresses.

This command is especially useful in cases where the router has many interfaces and you want to ensure that all TACACS+ packets from a particular router have the same IP address.

When the specified interface does not have an IP address or is in a down state, TACACS+ behaves as if no source interface configuration is used.

Task ID

Examples

Task ID

Operations

aaa

read, write

 

 

The following example shows how to set the IP address of the specified POS interface for all outgoing TACACS+ packets:

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# tacacs source-interface POS 0/1/0/1

Related Commands

Command

Description

 

aaa group server radius

Groups different server hosts into distinct lists and distinct methods.

 

 

 

Cisco IOS XR System Security Command Reference

SR-88

Page 87 Page 89
Page 88
Image 88
Cisco Systems XR manual Aaa group server radius, SR-88
Page 87 Page 89
Top Page Image Contents