On Fri, 12 Feb 2016, Alan DeKok wrote:
So it *is* a AAA protocol?
I actually do not know what criteria you put in the AAA term. It might be
different from what I use it for.
For me TACACS does the following things:
It checks username/password when I login, and the TAC+ server says if I
can login or not with those credentials.
It sends CLI commands I run on the router to the TAC+ server, and the TAC+
server grants or doesn't grant me to run those individual commands, on a
per-command basis. It also records what commands I ran.
That's what I thought the "Authentication, Authorization, Accounting"
meant.
As far as I have understood, Radius/Diameter doesn't do the last
function(s) I described. Why is that?
--
Mikael Abrahamsson email: [email protected]
_______________________________________________
OPSAWG mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsawg
