TACACS+ protocol provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services.
TACACS allows a client to accept a username and password and send a query to a TACACS authentication server, sometimes called a TACACS daemon or simply TACACSD. This server was normally a program running on a host. The host would determine whether to accept or deny the request and sent a response back. The TIP would then allow access or not, based upon the response. In this way, the process of making the decision is "opened up" and the algorithms and data used to make the decision are under the complete control of whoever is running the TACACS daemon. The extensions to the protocol provide for more types of authentication requests and more types of response codes than were in the original specification.
There are three versions of TACACS and the third version is called TACACS+, which is not compatible with previous versions.
Protocol Structure
| 4 bits | 8 bits | 16 bits | 24 bits | 32 bits |
| Major | Minor | Packet type | Sequence no. | Flags |
| Session ID | ||||
| Length | ||||
- Major version - The major TACACS+ version number.
- Minor version - The minor TACACS+ version number. This is intended to allow revisions to the TACACS+ protocol while maintaining backwards compatibility.
- Packet type - Possible values are:
TAC_PLUS_AUTHEN:= 0x01 (Authentication).
TAC_PLUS_AUTHOR:= 0x02 (Authorization).
TAC_PLUS_ACCT:= 0x03 (Accounting). - Sequence number - The sequence number of the current packet for the current session.
- Flags - This field contains various flags in the form of bitmaps. The flag values signify whether the packet is encrypted.
- Session ID - The ID for this TACACS+ session.
- Length - The total length of the TACACS+ packet body (not including the header).
Sponsor Source: TACACS (and TACACS+) is a Cisco protocol.
Reference Links:
http://www.javvin.com/protocol/rfc1492.pdf: An Access Control Protocol, Sometimes Called TACACS
http://www.javvin.com/protocol/tacacs.html : Introduction to TACACS+
Comments
Patriots Super Bowl Jersey
Patriots Super Bowl Jersey Ravens Super Bowl Jersey Tom Brady Jersey Rob Gronkowski Jersey BenJarvus Green-Ellis Jersey Wes Welker Jersey Ed Reed Jersey Joe Flacco Jersey Ray Lewis Jersey Ray Rice Jersey Tedy Bruschi Jersey Aaron Hernandez Jersey Albert Haynesworth Jersey Andre Tippett Jersey Chad Ochocinco Jersey Danny Woodhead Jersey Deion Branch Jersey Devin McCourty Jersey Fred Taylor Jersey Irving Fryar Jersey Jerod Mayo Jersey John Hannah Jersey Julian Edelman Jersey Kevin Faulk Jersey Laurence Maroney Jersey Leigh Bodden Jersey Nate Solder Jersey Patrick Chung Jersey Randy Moss Jersey Anquan Boldin Jersey Derrick Mason Jersey Haloti Ngata Jersey Jarret Johnson Jersey Jimmy Smith Jersey Lardarius Webb Jersey Le'Ron McClain Jersey Michael Oher Jersey Ricky Williams Jersey T.J. Houshmandzadeh Jersey Terrell Suggs Jersey Todd Heap Jersey Torrey Smith Jersey Willis McGahee Jersey Anquan Boldin Women's Jersey Ed Reed Women's Jersey Haloti Ngata Women's Jersey Joe Flacco Women's Jersey Ray Lewis Women's Jersey Ray Rice Women's Jersey Terrell Suggs Women's Jersey Anquan Boldin Youth Jersey Derrick Mason Youth Jersey Ed Reed Youth Jersey Haloti Ngata Youth Jersey Joe Flacco Youth Jersey Michael Oher Youth Jersey Ray Lewis Youth Jersey Ray Rice Youth Jersey Terrell Suggs Youth Jersey Todd Heap Youth Jersey