As part of your CCNP certification exam studies, particularly for the ISCW exam, you need to be very clear on the differences between TACACS+ and RADIUS. Learn all about these differences in this exclusive article!
As part of your CCNP certification exam studies, particularly for the ISCW exam, you need to be very clear on the differences between TACACS+ and RADIUS.
As a CCNA and future CCNP, you've already configured authentication in the form of creating a local database of usernames and passwords for both Telnet access and PPP authentication. This is sometimes called a self-contained AAA deployment, since no external server is involved.
It's more than likely that you'll be using a server configured for one of the following security protocols:
TACACS+, a Cisco-proprietary, TCP-based protocol
RADIUS, an open-standard, UDP-based protocol originally developed by the IETF
An obvious question is "If there's a TACACS+, what about TACACS?" TACACS was the original version of this protocol and is rarely used today.
Before performing AAA Authentication configuration, there are some other TACACS+ / RADIUS differences you should be aware of:
While TACACS+ encrypts the entire packet, RADIUS encrypts only the password in the initial client-server packet.
RADIUS actually combines the authentication and authorization processes, making it very difficult to run one but not the other.
TACACS+ considers Authentication, Authorization, and Accounting to be separate processes. This allows another method of authentication to be used (Kerberos, for example), while still using TACACS+ for authorization and accounting.
RADIUS does not support the Novell Async Services Interface (NASI) protocol, the NetBIOS Frame Protocol Control protocol, X.25 Packet Assembler / Disassembler (PAD), or the AppleTalk Remote Access Protocol (ARA or ARAP). TACACS+ supports all of these.
RADIUS implementations from different vendors may not work well together, or at all.
RADIUS can't control the authorization level of users, but TACACS+ can.
We’ll discuss the uses of both of these protocols in a future CCNP certification tutorial! Look for more CCNA, CCENT, and CCNP tutorials right here on this same website!
Cisco CCNA and CCNP Practice Exam Questions: Etherchannels, Network Security, and More!
Let's test your knowledge of Etherchannels, Voice protocols, and other important Cisco certification exam topics with these practice exam questions!
CCNA Security Exam Tutorial: When It's Good To Add Salt
For your CCNA security exam studies, you need to know when to add SALT, and where! Learn these vital details from Chris Bryant, CCIE #12933.
Cisco CCNA And CCNP Practice Exam Questions: Frame Relay, Uplinkfast, And More!
Sharpen your Cisco exam-taking skills with these complimentary CCNA, CCNP, and Security questions! Topics include frame relay, packet filtering, and Uplinkfast.
