If some of your Linux systems are acting as network elements that should be accessed only by your network administrators, you may choose to configure these systems to also use your TACACS server for AAA. With such a server, you can add or delete a router administrator on all of your routers at the same time in one place. It is often useful to have a TACACS server to support authentication for proprietary systems on your network, such as Cisco routers, that implement TACACS clients. This page describes how to configure a Linux system to act as a TACACS server using the tac_plus software package.

To use TACACS, the Linux (or other) client must have IP access to a TACACS server, which is usually a separate physical server that provides authentication services to many clients. Based on the PAM configuration, the Linux system can use a RADIUS, LDAP, or TACACS server or may perform purely local authentication. A Linux system may act as an authentication client when logging in a user. The client must use the authentication protocol appropriate for the server. A NAS can be a client to an AAA server, such as a RADIUS, LDAP, or TACACS daemon.

TACACS+ is a protocol for AAA services (Authentication, Authorization, Accounting), very similar to RADIUS.

A system that provides logins to users is often called a NAS (Network Access Server), not to be confused with NAS (Network Attached Storage).

From the TACACS+ article at Wikipedia, the free encyclopedia:

In computer networking, TACACS+ (Terminal Access Controller Access-Control System Plus) is a Cisco Systems proprietary protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services.
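The statement above that the PAM configuration decides whether a Linux login uses RADIUS, LDAP, TACACS or purely local authentication can be checked on a given host. The following is an added example, not part of the original page: it parses PAM rules, maps common module file names to their backend, and reports points an administrator would review. The sample rules, the 192.0.2.10 address and the PLACEHOLDER secret are constructed.

```python
import re

# Common PAM module file names mapped to the backend they authenticate against.
BACKENDS = {"pam_tacplus.so": "tacacs+", "pam_radius_auth.so": "radius",
            "pam_ldap.so": "ldap", "pam_unix.so": "local"}

# Constructed sample in the style of a file under /etc/pam.d/ (not from the page).
SAMPLE_PAM = """\
auth    sufficient  pam_tacplus.so server=192.0.2.10 secret=PLACEHOLDER
auth    required    pam_unix.so try_first_pass
account required    pam_unix.so
session optional    pam_tacplus.so server=192.0.2.10 secret=PLACEHOLDER
"""

# type, control (a keyword or a [value=action ...] block), module path, arguments
LINE = re.compile(r"^-?(auth|account|password|session)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def parse_pam(text):
    """Return (type, control, module, args) for every rule line."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        m = LINE.match(line)
        if m:                                   # skips @include and other directives
            mtype, control, module, args = m.groups()
            rules.append((mtype, control, module.rsplit("/", 1)[-1], args.split()))
    return rules

def auth_chain(text):
    """Ordered (control, backend) pairs that decide a login."""
    return [(c, BACKENDS.get(mod, "other:" + mod))
            for t, c, mod, _ in parse_pam(text) if t == "auth"]

def review(text):
    """Notes for the administrator reviewing this PAM stack."""
    rules = parse_pam(text)
    backends = [b for _, b in auth_chain(text)]
    remote = [b for b in backends if b in ("tacacs+", "radius", "ldap")]
    notes = []
    if remote and "local" not in backends:
        notes.append("no local fallback: logins fail if the AAA server is unreachable")
    if any(a.startswith("secret=") for _, _, _, args in rules for a in args):
        notes.append("shared secret stored inline: restrict file permissions")
    if not remote:
        notes.append("purely local authentication")
    return notes

if __name__ == "__main__":
    print(auth_chain(SAMPLE_PAM), review(SAMPLE_PAM))
```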