GarrettCom MNS-6K-SECURE 14.1.4 User Manual

Chapter 9 – Access Using TACACS+
Using a TACACS+ server to authenticate access…
This feature is available in MNS-6K-SECURE. The TACACS+ protocol, short for Terminal Access
Controller Access Control System, provides access control for routers, network
access servers and other networked computing devices via one or more centralized servers.
TACACS+ provides separate authentication, authorization and accounting services.

TACACS – flavors and history

TACACS allows a client to accept a username and password and send a query to
a TACACS authentication server, sometimes called a TACACS daemon (server)
or simply TACACSD. This server was normally a program running on a host.
The host would determine whether to accept or deny the request and send a response back.
 
The TACACS+ protocol is the latest generation of TACACS. TACACS is a simple UDP based 
access control protocol originally developed by BBN for the MILNET (Military Network). 
Cisco’s enhancements to TACACS are called XTACACS. XTACACS is now replaced by 
TACACS+. TACACS+ is a TCP based access control protocol. TCP offers a reliable connection-
oriented transport, while UDP offers best-effort delivery. 
 
TACACS+ improves on TACACS and XTACACS by separating the functions of
authentication, authorization and accounting and by encrypting all traffic between the Network
Access Server (NAS) and the TACACS+ clients or services or daemon. It allows for arbitrary
length and content authentication exchanges, which allows any authentication mechanism to be
utilized with TACACS+ clients. The protocol allows the TACACS+ client to request very
fine-grained access control by responding to each component of a request.
 
The Magnum 6K family of switches implements a TACACS+ client. 
 
1.  TACACS+ servers and daemons use TCP Port 49 for listening to client
    requests. Clients connect to this port number to send authentication and
    authorization packets.
2.  There can be more than one TACACS+ server on the network. MNS-6K
    supports a maximum of five TACACS+ servers.