6.3 TACACS+
TACACS+ (Terminal Access Controller Access Control Server) is a security protocol for
AAA (Authorization, authentication and accounting), which is used to provide centralised
authentication for users who want to gain access to the network.
This section explains how to install and configure a TACACS+ on up to two servers on a
Linux environment where the client is a WR-Z16 device.
The instructions to install and configure a TACACS+ server on an Ubuntu machine are
explained in the Appendix " TACACS+ and RADIUS server configuration" on page148.
In order to configure the TACACS+ protocol, it is necessary to modify the configuration
file usually located at:
/etc/tacacs+/tac_plus.conf
6.3.1 Verification of TACACS+ installation
In order to verify the installation, it is possible to use the following set-up (see figure
below). The TACACS+ client will ask for authentication to the server, which will answer if
the user passed. Then the device will ask for credentials, which will be validated by the
TACACS+ server and grant access to the user if the authentication was successful.
Figure 6-4: TACACS setup for verifying the installation.
6.3.2 TACACS+ Client configuration
Once the server is configured, it is necessary to configure the client. In this section, the cli-
ent will be configured on the WR-Z16 device. For that purpose, gpa_ctrl is used to con-
figure IP and secret. These parameters can be found in the security module:
6.3 TACACS+
CHAPTER 6 • WR-Z16 User Manual Rev. v3.4
87
To Next Page
Loading...