From l7protocols
Jump to navigation Jump to search

TACACS is Terminal Access Controller Access Control System, a remote authentication protocol that is used to communicate with an authentication server in Unix networks.

This page covers TACACS, XTACACS and TACACS+. TACACS itself dates back to ARPANET. It is defined in RFC 1492, "An Access Control Protocol, sometimes called TACACS". A later version of TACACS introduced in 1990 was called XTACACS (Extended TACACS). These two versions have generally been replaced by TACACS+ and RADIUS. TACACS+ is a completely new protocol which is not compatible with TACACS or XTACACS. It was devised by Cisco for controlling access to networks and routers, as part of their AAA (Authentication, Authorisation and Accounting) offering. Cisco has published a specification for the protocol and several other router vendors support it, but it hasn't been accepted as widely as RADIUS.



TACACS uses TCP or UDP port 49 by default.

TACACS+ uses TCP port 49 by default.


See also