Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TACACS+ Authentication and Telnet

I have a Cisco Secure AAA implementation where Cisco devices have the command "aaa authentication login default tacacs+ enable". While this is in place, I know TACACS+ is being used to encrypt the packets between the NAS and the ACS. What I don't know is if the telnet session made with the NAS is also using TACACS+? In other words, is the password being sent to the router in clear text and then encrypted before being passed to the ACS or is the telnet session also encyrpting the packets via TACACS+? Thanks very much.

2 REPLIES
New Member

Re: TACACS+ Authentication and Telnet

I answered my own question in testing by finding out that the password is sent in the clear over the Telnet session.

Does anyone know options of remeding this situation other then SSH?

Silver

Re: TACACS+ Authentication and Telnet

Hi,

Unfortunately, ssh is the only option. taacs+ client your router not the client machine. Your client machine cannot open up any tacacs+ connections. Thanks,

Mynul

289
Views
0
Helpful
2
Replies
CreatePlease login to create content