TACACS+ Commands
Terminal Access Controller Access-Control System Plus (TACACS+, usually pronounced like tack-axe) is an access control network protocol for network devices.
The differences between RADIUS and TACACS+ can be summarized as follows:
• RADIUS combines authentication and authorization in a user profile, while TACACS+ provides separate authentication.
• RADIUS encrypts only the password in the access-request packet sent from the client to the server. The remainder of the packet is unencrypted. TACACS+ encrypts the entire body of the packet but leaves a standard TACACS+ header.
• RADIUS uses UDP, while TACACS+ uses TCP.
• RADIUS is based on an open standard (RFC 2865). TACACS+ is proprietary to Cisco, although it is an open, publicly documented protocol (there is no RFC protocol specification for TACACS+).
Note: Only network administrators can execute these commands. For more, see the
username command.
Note: The commands below are supported only on the “management” VRF.
This chapter contains these commands:
Last modified date: 10/19/2023