Raisecom
ISCOM2600G-HI (A) Series Configuration Guide
Raisecom Proprietary and Confidential
Copyright © Raisecom Technology Co., Ltd.
Backup accounting server IP: port:1813
Accounting server key: orMCKszV2X38
Backup Accounting server Key: --
Accounting fail policy: offline
Accounting
NAS IP address:
Use the show aaa command to show RADIUS accounting.
Raisecom#show aaa
Accounting login: enable
Update interval(minute): 2
Accounting fail policy: offline
10.5 TACACS+
10.5.1 Introduction
Terminal Access Controller Access Control System (TACACS+) is a kind of network access
authentication protocol similar to RADIUS. The differences between them are:
TACACS+ uses TCP port 49, which has higher transmission reliability compared with
UPD port used by RADIUS.
TACACS+ encrypts the holistic of packets except the standard head of TACACS+, and
there is a field to show whether the data packets are encrypted in the head of packet.
Compared to RADIUS user password encryption, the TACACS+ is much safer.
TACACS+ authentication function is separated from authorization and accounting
functions; it is more flexible in deployment.
In a word, TACACS+ is safer and more reliable than RADIUS; however, as an open protocol,
RADIUS is more widely used.
10.5.2 Preparing for configurations
Scenario
You can authenticate and account on users by deploying a TACACS+ server on the network to
control users to access the ISCOM2600G-HI series switch and network. TACACS+ is safer
and more reliable than RADIUS. The ISCOM2600G-HI series switch can be used as an agent
of the TACACS+ server, and authorize users access according to feedback result from the
TACACS+ server.
Prerequisite
N/A
To Next Page
Loading...
Need help?
General
