Categories
CCNP Enterprise Core (350-401) Cisco Security

Comparison of RADIUS and TACACS+

ComponentRADIUSTACACS+
Protocol and PortsCisco:
UDP Port 1645 (Authentication/Authorisation)
UDP Port 1646
(Accounting)
Industry Standard:
UDP Port 1812 (Authentication/Authorisation)
UDP Port 1813
(Accounting)
TCP Port 49
EncryptionEncrypts the password field
Supports EAP for 802.1x authentication
Encrypts entire payload
Does not support EAP
Authentication and AuthorisationCombines authentication and authorisation
Cannot be used to authorise individual CLI commands
Separates authentication and authorisation
Can be used for individual CLI command authorisation
AccountingDoes not support network device CLI accountingSupport network device CLI command accounting
Primary UseSecure Network AccessNetwork Device Access Control
Comparison of RADIUS and TACACS+

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.