Table of Contents
Advertisement
Raisecom
ISCOM2600G-HI (A) Series Configuration Guide
Backup accounting server IP:
Accounting server key:
Backup Accounting server Key:
Accounting fail policy:
Accounting
NAS IP address:
Use the show aaa command to show RADIUS accounting.
Raisecom#show aaa
Accounting login:
Update interval(minute):
Accounting fail policy:
10.5 TACACS+
10.5.1 Introduction
Terminal Access Controller Access Control System (TACACS+) is a kind of network access
authentication protocol similar to RADIUS. The differences between them are:
In a word, TACACS+ is safer and more reliable than RADIUS; however, as an open protocol,
RADIUS is more widely used.
10.5.2 Preparing for configurations
Scenario
You can authenticate and account on users by deploying a TACACS+ server on the network to
control users to access the ISCOM2600G-HI series switch and network. TACACS+ is safer
and more reliable than RADIUS. The ISCOM2600G-HI series switch can be used as an agent
of the TACACS+ server, and authorize users access according to feedback result from the
TACACS+ server.
Prerequisite
N/A
TACACS+ uses TCP port 49, which has higher transmission reliability compared with
UPD port used by RADIUS.
TACACS+ encrypts the holistic of packets except the standard head of TACACS+, and
there is a field to show whether the data packets are encrypted in the head of packet.
Compared to RADIUS user password encryption, the TACACS+ is much safer.
TACACS+ authentication function is separated from authorization and accounting
functions; it is more flexible in deployment.
Raisecom Proprietary and Confidential
Copyright © Raisecom Technology Co., Ltd.
port:1813
orMCKszV2X38
--
offline
enable
2
offline
10 Security
422
Advertisement
Table of Contents
