Tacacs, Tacacs+ overview, General guidelines – Allied Telesis AT-GS950/8 User Manual
Page 289: Tacacs+ overview general guidelines
AT-GS950/8 Web Interface User Guide
289
TACACS+
You can use the TACACS+ client with 802.1x port-based access control to
authenticate which packets are forwarded through the switch. This section
explains how to configure TACACS+ on the switch and contains the
following sections:
“TACACS+ Configuration” on page 290
Note
To activate the TACACS+ feature, you must also configure the port-
based network access control feature. See “Port Access Control” on
page 280.
Note
To permanently save your new settings or any changes to the
configuration file, select Save Settings to Flash from the main
menu on the left side of the page.
TACACS+
Overview
TACACS+ (Terminal Access Controller Access-Control System Plus) is an
authentication protocol for enhancing the security of your network. The
protocol transfers the task of authenticating network access from a
network device to an authentication protocol server.
TACACS+ is similar to RADIUS, however, certain differences are as
follows:
TACACS+ separates authentication and authorization
in a user profile, whereas, RADIUS combines
authentication and authorization.
TACACS uses TCP instead of UDP.
The AT-S113 Management software comes with TACACS+ client
software. You can use the TACACS+ software together with 802.1x port-
based access control. To control which end users and end nodes can
send packets through the switch, you can configure the TACACS+ client
using “TACACS+ Configuration” on page 290.
General
Guidelines
The following guidelines apply when using the TACACS+ protocol.
You must install TACACS+ server software on a network server or
management station. Authentication protocol server software is not
available from Allied Telesis.