[nsp] TACACS+ server of choice?
Chris Parker
cparker at starnetusa.net
Tue Jan 27 21:31:14 EST 2004
At 07:55 PM 1/27/2004, Sean Mathias wrote:
>To state the obvious, RADIUS has the advantage of vendor-neutrality and
>native EAP support. TACACS+ has the advantage of easy of use and full
>encryption of exchanges (rather than just the password in RADIUS). I
>prefer TACACS for the ease of use, but have had problems in the past
>with some devices (even Cisco) only supporting RADIUS.
Another big difference is command logging. In theory there is no
reason 'radius' can't do this, but AFAIK you cannot do this unless
you use TACACS.
Unless you specifically need that, I'd recommend RADIUS any day of
the week. <shameless plug for FreeRADIUS: http://www.freeradius.org>
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Wholesale Internet Services - http://www.megapop.net
More information about the cisco-nsp
mailing list