A10E/A28E/A28F Configuration Guide
Checking results
Use the show radius-server command to check whether the RADIUS server is correctly
configured.
Alpha-A28E#show radius-server
Authentication server IP: 192.168.1.1 port:1812
Backup authentication server IP:0.0.0.0 port:1812
Authentication server key: alpha-a28e
Accounting server IP: 192.168.1.1 port:1813
Backup accounting server IP: 0.0.0.0 port:1813
Accounting server key: alpha-a28e
Use the show aaa accounting command to check whether the RADIUS accounting is
correctly configured.
Alpha-A28E#show aaa accounting
Accounting login: enable
Accounting update interval: 2
Accounting fail policy: offline
6.5 TACACS+
6.5.1 Introduction
Terminal Access Controller Access Control System (TACACS+) is a kind of network access
authentication protocol similar to RADIUS. The differences between them are:
TACACS+ uses TCP port 49, which has higher transmission reliability compared with
UPD port used by RADIUS.
TACACS+ encrypts the holistic of packets except the standard head of TACACS+, and
there is an area to show whether the data packets are encrypted in the head of packet.
Compared to RADIUS user password encryption, the TACACS+ is much safer.
TACACS+ authentication function is separated from authorization and accounting
functions; it is more flexible in deployment.
In a word, TACACS+ is safer and more reliable than RADIUS. However, as an open protocol,
RADIUS is more widely-used.
6.5.2 Preparing for configurations
Scenario
To control users accessing to the A10E/A28E and the network, you can authenticate and
account users by deploying the TACACS+ server in the network. Compared with RADIUS,
To Next Page
Loading...