All users can execute ip route A.A.A.A B.B.B.B <VlanX/GigabitX> <next-hop IP>. However, without <VlanX/GigabitX>, tacacs should reject it.
Meaning the ip route command would have to contain a VLAN or Interface specifier , or be rejected. Here are some examples: Good static route – accepted: ip route 192.168.1.128 255.255.255.192 Vlan1686 192.168.1.6 name foo_to_bar ip route 192.168.2.0 255.255.255.0 TenGigabitEthernet4/16.689 192.168.2.12 ip route vrf S609150:1678 172.26.0.0 255.255.0.0 Vlan1682 10.35.174.33 Bad static route: - rejected: ip route vrf s617:securities-micro:B 192.168.7.60 255.255.255.255 192.168.7.58 ip route 172.29.141.48 255.255.255.240 172.26.250.73 name bar_to_foo Thanks -- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20180220/ed55e83f/attachment.html> _______________________________________________ tac_plus mailing list tac_plus@shrubbery.net http://www.shrubbery.net/mailman/listinfo/tac_plus
