This document gives an insight about tacacs+ and Radius.
What is Tacacs?
Terminal Access Controller Access-Control System (TACACS) is a remote authentication protocol that is used to communicate with an authentication server. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access to the network.
What is Radius?
Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. RADIUS allows a company to maintain user profiles in a central database that all remote servers can share. It provides better security, allowing a company to set up a policy that can be applied at a single administered network point.
For the Network Access Server (NAS) to communicate with Cisco Secure ACS for Windows, these two ports must be enabled:
TCP port 49 for TACACS+
UDP ports 1645/1646 and 1812/1813 for RADIUS (default ports)