09-25-2008 04:23 AM - edited 03-10-2019 04:06 PM
Hi,
I have some question regarding AAA..
1)which one is the best?
a) TACACS+
b) RADIUS
2)How to configure AAA in network devices?
3)How to configure RADIUS/TACACS+ in ACS?
Please guide in this smatter?
Thanx
som
09-26-2008 11:50 AM
hi Som,
Let me explain first What TACACS+ & Radius do.
Radius will do the encryption only authenticating part, Where as TACACS+ will encrypt end to end means till the telnet sessions end all the data will encrypted.
Problem here is TACACS+ is Cisco Propritory,
RADIUS is Manf independent.
if your entire network is having only cisco products then it is better to go with TACACS+.
09-26-2008 12:03 PM
"Where as TACACS+ will encrypt end to end means till the telnet sessions end all the data will encrypted"
that is not correct. TACACS+ will encrypt the
communication between the AAA server and the
network devices. If you telnet to the network
device from a workstation, your username
and password will travel "in the clear"
between the workstation and the network
device.
Radius will encrypt only the password, not the
username. TACACS+ will encrypt both.
Radius will bundle both the Authentication
and Authorization whereas TACACS+ will
separate both the Authentication and
Authorization.
09-26-2008 05:48 PM
Hi Som,
It's not possible to answer your questions in one post.
You will find the answers to your questions under the following urls:
AAA:
RADIUS:
TACACS+:
ACS 4.2:
Cheers:
Istvan
09-26-2008 09:19 PM
many many thanks!!!
Hi Istvan,
Links are very helpful....Thanks a lot!!
one more question...
where shall I get the TACACS+ or RADIUS server software.......
09-26-2008 11:36 PM
Hi Som,
The latest version of CiscoSecure ACS sofware can be purchased from your nearest Cisco reseller.
Cheers:
Istvan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: