How to configure AAA

Unanswered Question
Sep 25th, 2008

Hi,


I have some question regarding AAA..


1)which one is the best?

a) TACACS+

b) RADIUS


2)How to configure AAA in network devices?


3)How to configure RADIUS/TACACS+ in ACS?


Please guide in this smatter?


Thanx

som

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
chaitu_kranthi Fri, 09/26/2008 - 11:50

hi Som,


Let me explain first What TACACS+ & Radius do.


Radius will do the encryption only authenticating part, Where as TACACS+ will encrypt end to end means till the telnet sessions end all the data will encrypted.


Problem here is TACACS+ is Cisco Propritory,

RADIUS is Manf independent.


if your entire network is having only cisco products then it is better to go with TACACS+.








cisco24x7 Fri, 09/26/2008 - 12:03

"Where as TACACS+ will encrypt end to end means till the telnet sessions end all the data will encrypted"


that is not correct. TACACS+ will encrypt the

communication between the AAA server and the

network devices. If you telnet to the network

device from a workstation, your username

and password will travel "in the clear"

between the workstation and the network

device.


Radius will encrypt only the password, not the

username. TACACS+ will encrypt both.


Radius will bundle both the Authentication

and Authorization whereas TACACS+ will

separate both the Authentication and

Authorization.

somnath21 Fri, 09/26/2008 - 21:19

many many thanks!!!


Hi Istvan,


Links are very helpful....Thanks a lot!!


one more question...


where shall I get the TACACS+ or RADIUS server software.......

Istvan_Rabai Fri, 09/26/2008 - 23:36

Hi Som,


The latest version of CiscoSecure ACS sofware can be purchased from your nearest Cisco reseller.


Cheers:

Istvan

Actions

This Discussion