How to configure AAA

Unanswered Question
Sep 25th, 2008
User Badges:


I have some question regarding AAA..

1)which one is the best?



2)How to configure AAA in network devices?

3)How to configure RADIUS/TACACS+ in ACS?

Please guide in this smatter?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
chaitu_kranthi Fri, 09/26/2008 - 11:50
User Badges:

hi Som,

Let me explain first What TACACS+ & Radius do.

Radius will do the encryption only authenticating part, Where as TACACS+ will encrypt end to end means till the telnet sessions end all the data will encrypted.

Problem here is TACACS+ is Cisco Propritory,

RADIUS is Manf independent.

if your entire network is having only cisco products then it is better to go with TACACS+.

cisco24x7 Fri, 09/26/2008 - 12:03
User Badges:
  • Silver, 250 points or more

"Where as TACACS+ will encrypt end to end means till the telnet sessions end all the data will encrypted"

that is not correct. TACACS+ will encrypt the

communication between the AAA server and the

network devices. If you telnet to the network

device from a workstation, your username

and password will travel "in the clear"

between the workstation and the network


Radius will encrypt only the password, not the

username. TACACS+ will encrypt both.

Radius will bundle both the Authentication

and Authorization whereas TACACS+ will

separate both the Authentication and


somnath21 Fri, 09/26/2008 - 21:19
User Badges:

many many thanks!!!

Hi Istvan,

Links are very helpful....Thanks a lot!!

one more question...

where shall I get the TACACS+ or RADIUS server software.......

Istvan_Rabai Fri, 09/26/2008 - 23:36
User Badges:
  • Gold, 750 points or more

Hi Som,

The latest version of CiscoSecure ACS sofware can be purchased from your nearest Cisco reseller.




This Discussion