Normally you would have a TACACS/RADIUS server ( Cisco's ACS comes to mind ) and a TACACS/RADUS client ( Router/WAP also come to mind) In order for those two devices to communicate you must specify a password that is "shared" between them. This is used to assure that the Devices in question are who they say they are. For example on a router you would specify the TACACS server IP and the TACACS password. If either of these are incorrect then the router in this case would not be able to authenticate off of the device. On a WAP you would specify the radius server name/IP the port is using ( 1645 or 1812 ) and the password.
I would imagine, but Im to lazy to look up :) that this password is used to encrypt the data between the client and server for both protocols. TACACS+ is Cisco proprietary ( notice the + ) while standard TACACS and radius are open standards. Here is a rather old document that talks about how the radius password is used. I can't vouch for its technical accuracy, but It was a good read no the less. http://skoda.sockpuppet.org/tqbf/radius-security.html I also used my top secret search engine and found plenty of other great references as well. Here is a link to it: www.google.com :) Thanks Larry -----Original Message----- From: Morgan Hansen [mailto:[EMAIL PROTECTED]] Sent: Monday, July 01, 2002 6:09 PM To: [EMAIL PROTECTED] Subject: TACACS - Radius password authentication [7:47897] Hi all:-) Hmm.. Im wondering... What in gods name are TACACS and Radius passwords? I understand I can use them as password authentication, but?? Im sitting here up to my ears with Wave books and the latest Odom 640-607 book and cant find anything on the subject?? Anyone? Best, Morgan Hansen mailto:[EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=47910&t=47897 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
