> As our company grows, as does its network, router management is getting
> more complex, with more people needing access to our routers. I was considering
> setting up some sort of remote login management with say either tacacs or
> radius, only because these are the names I happen to have heard.
> Ours is mostly a cisco operation. Their products serve our needs from
> fddi concentrators, routers, and bridges. We use cisco 2500,3000, and 4000
> series routers for our different needs. Does anyone have any experience using
> these authentication mechanisms? Additionally, where can I find the server
> programs? Are the available on the net? Are they commercial software? Is this
> all in some faq somewhere?
> Thanks in advance for any help you can offer...
> Adam Prato
Since you are currently using cisco routers, you must use either
Extended TACACS or TACACS+, since they do not yet support the
RADIUS protocol. TACACS+ is supported beginning with IOS release
10.3(x); Extended TACACS is supported in earlier releases.
The basic concepts of TACACS are discussed in RFC 1492; the mechanics
of TACACS+ are discussed in:
tac_plus.spec.v1.58.ps Tacacs+ Protocol specification (postscript)
tac_plus.v1.1.users_guide Tacacs+ Unix Daemon v1.1 Users Guide doc
tac_plus.api.v1.30.ps Tacacs+ Source code API spec (postscript)
You can also find:
tac_plus.v1.1.tar Tacacs+ PD Unix Daemon source code v1.1
The documents/files above can be found on:
However, a valid cisco Systems maintenance contract is required to
access this system in this manner.
Also, I don't normally forward product announcements to the mailing list,
so I am sending you the 'TACACS+ Software 10.3(3)' product announcement
in private e-mail.
Paul Ferguson Dulcius Ex Asperis
US Sprint tel: 703.689.6828
Managed Network Engineering internet: paul @
Reston, Virginia USA http://www.sprintmrn.com