istrative control over the authentication and authorization processes. TACACS+ allows for a
single access control server (the TACACS+ dae
mon) to provide authentication,
accounting services independently. Each service can be tied into its
advantage of other services available on that server or on the network, depending on the
capabilities of the daemon. There is a draft RFC detailing this protocol.
configuring remote TACACS+ servers can be found
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml
http://www.cisco.com/en/US/products/sw/secursw/ps49
11/products_user_guide_chapter09186a0
http://cio.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt2
Perform the following procedure to configure the RADIUS authentication
method to be used whenever
or any of its serial ports or hosts is accessed:
Serial and Network: Authentication
(IP or host name) of the remote Authentication/ Authorization server.
Multiple remote servers may be
In addition to multiple remote servers
you can also enter for separate lists of
Authentication/Authorization servers and Accounting servers. If no Accounting servers are
specified, the Authentication/Authorization
RADIUS remote authentication will now be used for all user access
and serially or network attached devices
he Remote Authentication Dial
In User Service (RADIUS) protocol was developed by
ivingston Enterprises as an access server authentication and accounting protocol. The RADIUS
server can support a variety of methods to authenticate a user. When it is provided with the
username and original password given by the user, it can support PPP,
Comments to this Manuals