3 tacacs – PLANET WGS3-24240 User Manual

User’s Manual of WGS3-24000 / WGS3-24240

196

4.4.3 TACACS+

TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol which provides access control for routers,

network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides

separate authentication, authorization and accounting services.

TACACS+ is based on TACACS, but, in spite of its name, it is an entirely new protocol which is incompatible with any previous

version of TACACS. TACACS+ and RADIUS have generally replaced the earlier protocols in more recently built or updated

networks, although TACACS and XTACACS are still running on many older systems.

Whereas RADIUS combines authentication and authorization in a user profile, TACACS+ separates the two operations. Another

difference is that TACACS+ uses the TCP while RADIUS uses the UDP. Most administrators recommend using TACACS+

because TCP is seen as a more reliable protocol.

The extensions to the TACACS+ protocol provide for more types of authentication requests and more types of response codes

than were in the original specification.

4.4.3.1 TACACS+ Configuration

Figure 4-4-17 TACACS+ Configuration

Configurable Data

Object

Description

• Key String

Specifies the authentication and encryption key for TACACS+ communications

between the device and the TACACS+ server. The valid range is 0-128

characters.

The key must match the key configured on the TACACS+ server

.

• Connection Timeout

The maximum number of seconds allowed to establish a TCP connection

between the device and the TACACS+ server.

• Submit button

Send the updated screen to the switch and cause the changes to take effect on

the switch but these changes will not be retained across a power cycle unless a

save is performed.