Hi Bernie, I've got a 4900M (running 15.1(1)SG). This works fine:
aaa new-model ! ! aaa group server tacacs+ blah server-private x.x.x.x key foo ip vrf forwarding mgmtVrf ip tacacs source-interface FastEthernet1 ! aaa authentication login default group blah local aaa authentication enable default group blah enable aaa authorization exec default group blah local aaa authorization commands 0 default group blah local aaa authorization commands 1 default group blah local aaa authorization commands 15 default group blah local aaa accounting exec default start-stop group blah aaa accounting commands 15 default start-stop group blah There is also, of course, a local account and the int Fa1 is in vrf 'mgmtVrf'. Seemed to need the vrf assignment in the tacacs server group, as well as the source-interface. ttyl, Hagen On Wed, Feb 27, 2013 at 12:39 PM, Bernie <[email protected]> wrote: > Anyone have any good examples for 4900M configs? I've been surfing Google > but I cannot locate any configs for AAA setup that seem to work for me. I > end up able to run aaa tests from my new switch but I can't get it to query > my server on login. I suspect it's more a general problem with routing > setup but I've never worked with VRFs before and would like to find some > working config examples for the 4900M if possible, and keep tinkering away. > > Thanks, > > Bernie > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > -- Hagen Amen | IT Networking | 988-5227 _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
