Tacacs - Planet Networking & Communication WGS3-24000 User Manual

4.4.3 TACACS+

TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol which provides access control for routers,
network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides
separate authentication, authorization and accounting services.
TACACS+ is based on TACACS, but, in spite of its name, it is an entirely new protocol which is incompatible with any previous
version of TACACS. TACACS+ and RADIUS have generally replaced the earlier protocols in more recently built or updated
networks, although TACACS and XTACACS are still running on many older systems.
Whereas RADIUS combines authentication and authorization in a user profile, TACACS+ separates the two operations. Another
difference is that TACACS+ uses TCP while RADIUS uses UDP. Most administrators recommend using TACACS+
because TCP is seen as a more reliable protocol.
The extensions to the TACACS+ protocol provide for more types of authentication requests and more types of response codes
than were in the original specification.

4.4.3.1 TACACS+ Configuration

Configurable Data
Key String - Specifies the authentication and encryption key for TACACS+ communications between the device and
the TACACS+ server. The valid range is 0-128 characters. The key must match the key configured on the
TACACS+ server.
Connection Timeout - The maximum number of seconds allowed to establish a TCP connection between the device
and the TACACS+ server.

Command Buttons
Submit - Send the updated screen to the switch and cause the changes to take effect on the switch but these
changes will not be retained across a power cycle unless a save is performed.

Figure 4-4-17 TACACS+ Configuration
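
How the Key String is applied on the wire, as an added example that is not part of the Planet manual: RFC 8907 derives an MD5 pseudo-pad from the session ID, key, version and sequence number and XORs it over the packet body, so a server holding a different key decodes a body whose length fields no longer add up. The session ID, key, user name, port and address below are constructed sample values, and the helper names are hypothetical.

```python
import hashlib
import struct

def pseudo_pad(session_id: int, key: bytes, version: int, seq_no: int, length: int) -> bytes:
    """MD5 pseudo-pad from RFC 8907 section 4.5, truncated to the body length."""
    seed = struct.pack("!I", session_id) + key + bytes([version, seq_no])
    pad, block = b"", b""
    while len(pad) < length:
        block = hashlib.md5(seed + block).digest()  # each block chains in the previous one
        pad += block
    return pad[:length]

def obfuscate(body: bytes, key: bytes, session_id: int,
              version: int = 0xC0, seq_no: int = 1) -> bytes:
    """XOR the body with the pad. The same call reverses the operation."""
    pad = pseudo_pad(session_id, key, version, seq_no, len(body))
    return bytes(b ^ p for b, p in zip(body, pad))

def authen_start_body(user: bytes, port: bytes, rem_addr: bytes) -> bytes:
    """Authentication START body: 8 fixed bytes (4 are length fields), then the data."""
    # action=LOGIN(1), priv_lvl=1, authen_type=ASCII(1), authen_service=LOGIN(1)
    fixed = bytes([1, 1, 1, 1, len(user), len(port), len(rem_addr), 0])
    return fixed + user + port + rem_addr

def body_is_consistent(body: bytes) -> bool:
    """Receiver-side sanity check: the four length fields must add up to the body size."""
    return len(body) >= 8 and 8 + sum(body[4:8]) == len(body)

def receive(wire_body: bytes, server_key: bytes, session_id: int) -> bool:
    """Decode with the server's key and report whether the result parses."""
    return body_is_consistent(obfuscate(wire_body, server_key, session_id))

# Constructed sample values, not taken from the manual.
SESSION_ID = 0x1A2B3C4D
SWITCH_KEY = b"example-shared-key"
BODY = authen_start_body(b"admin", b"tty0", b"192.0.2.10")
WIRE = obfuscate(BODY, SWITCH_KEY, SESSION_ID)

if __name__ == "__main__":
    print("matching key parses:  ", receive(WIRE, SWITCH_KEY, SESSION_ID))
    print("mismatched key parses:", receive(WIRE, b"other-key", SESSION_ID))
```

RFC 8907 itself calls this mechanism obfuscation rather than encryption, which is a reason to choose a long, unique key within the 128-character limit and keep TACACS+ traffic on a protected management network.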
