home

Supported platforms

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

TACACS+ authentication

This section presents the following topics:

TACACS+ is a distributed access control system for routers that provides authentication, authorization, and accounting.

To configure TACACS+, you specify the location of the TACACS+ server and specify the secret to be used to authenticate the user on the server. A TACACS+ secret is specified in plain text and stored in plain text on the system and is used as part of a cryptographic operation for transferring authentication information securely over the network. A TACACS+ secret must not contain spaces and is case sensitive.

Where TACACS+ authentication is used, some delay can be expected as the TACACS+ server is queried; the amount of delay depends on the cumulative timeout values configured for all TACACS+ servers.

Unlike RADIUS, TACACS+ authentication does not require prior authentication in the login database of the vRouter. A TACACS+ server can be used either as the only authentication server or as a supplement to the vRouter, providing password authentication.