RADIUS AND TACACS (AAA Server)
AAA (Authentication, Authorization, Accounting) Server
RADIUS Server is commonly used to authenticate users connecting to Wi-Fi, VPNs, or wired 802.1X networks.
When you connect to a corporate Wi-Fi and enter:
- Username: rohith
- Password: Cisco123
Username + Password
│
▼
Access Point (AP)
│
RADIUS Request
UDP Port 1812
│
▼
RADIUS Server
(Cisco ISE / FreeRADIUS /
Microsoft NPS)
│
Accept / Reject
│
▼
Access Point
│
▼
Laptop Connected
TACACS+ Server is typically used to authenticate and authorize network administrators logging into routers, switches, and firewalls. It also supports command-by-command authorization, making it well suited for managing administrative access.
Download the PuTTY tool.
ssh - secured login
ssh -l admin 192.168.10.1 (admin is the username)
Enter the password.
telnet - unsecured login.
no username and password.
Difference Between RADIUS and TACACS+
| Feature | RADIUS | TACACS+ |
|---|---|---|
| Protocol | UDP | TCP |
| Port | 1812 (authentication), 1813 (accounting) | 49 |
| Encrypts | Password only | Entire packet payload |
| Authentication | Yes | Yes |
| Authorization | Limited | Granular command authorization |
| Accounting | Yes | Yes |
| Best Use | Network access (Wi-Fi, VPN, 802.1X) | Device administration (routers, switches, firewalls) |