TACACS+ and RADIUS Comparison

What is the difference between RADIUS and TACACS?
TACACS+ –
Terminal Access Controller Access Control System (TACACS+) is a Cisco proprietary protocol used for communication between the Cisco client and the Cisco ACS server. It uses TCP port number 49, and running over TCP is what makes it reliable.

RADIUS –
Remote Access Dial-In User Service (RADIUS) is an open standard protocol used for the communication between any vendor AAA client and ACS server. If one of the clients or servers is from any other vendor (other than Cisco) then we have to use RADIUS. It uses port number 1812 for authentication and authorization and 1813 for accounting.

Similarities –
The process is started by the Network Access Device (NAD – the client of TACACS+ or RADIUS). The NAD contacts the TACACS+ or RADIUS server and transmits the authentication request (username and password) to the server. First, the NAD obtains a username prompt and transmits the username to the server; the NAD then contacts the server again to obtain a password prompt, and the password is sent to the server.

The server replies with an access-accept message if the credentials are valid; otherwise it sends an access-reject message to the client. Beyond this point, authorization and accounting work differently in the two protocols, because authentication and authorization are combined in RADIUS.
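The difference in how the two protocols split AAA functions is visible in their packet headers. The following is an added example, not part of the original page: a header parser for both protocols, with field layouts taken from RFC 2865/2866 (RADIUS) and RFC 8907 (TACACS+). The sample packets are constructed for illustration.

```python
import struct

# Packet codes from RFC 2865/2866 (RADIUS) and packet types from RFC 8907 (TACACS+).
RADIUS_CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject",
                4: "Accounting-Request", 5: "Accounting-Response"}
TACACS_TYPES = {1: "Authentication", 2: "Authorization", 3: "Accounting"}
TAC_PLUS_UNENCRYPTED_FLAG = 0x01  # body sent without obfuscation when set

def parse_radius(data: bytes) -> dict:
    """Parse the 20-byte RADIUS header and the attribute TLVs after it."""
    if len(data) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", data[:4])
    if not 20 <= length <= len(data):
        raise ValueError("length field does not match packet")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = data[pos], data[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("malformed attribute length")
        attrs.append((atype, data[pos + 2:pos + alen]))
        pos += alen
    return {"code": RADIUS_CODES.get(code, f"unknown({code})"),
            "id": ident, "attrs": attrs}

def parse_tacacs(data: bytes) -> dict:
    """Parse the 12-byte TACACS+ header; the body is left untouched."""
    if len(data) < 12:
        raise ValueError("shorter than the 12-byte TACACS+ header")
    ver, ptype, seq, flags, session, length = struct.unpack("!BBBBII", data[:12])
    if ver >> 4 != 0xC:
        raise ValueError("major version is not TACACS+")
    if length != len(data) - 12:
        raise ValueError("length field does not match body")
    return {"type": TACACS_TYPES.get(ptype, f"unknown({ptype})"), "seq": seq,
            "session": session,
            "unencrypted": bool(flags & TAC_PLUS_UNENCRYPTED_FLAG)}

# Constructed samples: an Access-Accept carrying Service-Type (attribute 6) = 6,
# and a TACACS+ authorization packet with a 4-byte placeholder body.
SAMPLE_RADIUS = struct.pack("!BBH", 2, 7, 26) + bytes(16) + bytes([6, 6, 0, 0, 0, 6])
SAMPLE_TACACS = struct.pack("!BBBBII", 0xC0, 2, 1, 0, 0x12345678, 4) + bytes(4)

if __name__ == "__main__":
    print(parse_radius(SAMPLE_RADIUS))  # authorization data rides in the accept
    print(parse_tacacs(SAMPLE_TACACS))  # authorization is its own packet type
```

In the RADIUS sample the authorization attribute arrives inside the Access-Accept itself, while in TACACS+ authorization is a separate packet type from authentication.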
#ASA #Cisco #CCNA