
Comparison of usage of Tacacs+ and Radius for PIX.

LIMTT
Level 1

I had a network setup with a PIX 525 and CSACS version 3.0.

I would like to find out which access control protocol is best suited to my design.

For the RADIUS protocol,

I am using the "downloadable ACL" (the ACL is configured in the RADIUS server and will be pushed down to the PIX when the user is successfully authenticated).

For the TACACS+ protocol,

I am using the command shell (ACL configured in the PIX).

There is advice for PIX configuration that the overall number of command lines entered in the PIX should be kept below a certain value, maybe 1000.

Based on the above explanation,

it looks like having the RADIUS protocol configured will cause fewer command lines to be configured in the PIX.

Am I right to say RADIUS is better than TACACS+?

Could someone give me some advice?

Thanks.

3 Replies

tepatel
Cisco Employee

Looking at what you want to do, I think RADIUS will be the better one for you.

sghosh
Level 1

If you are concerned about the ACL on the PIX, then it is better to use RADIUS to control the ACL stuff and off-load it to the ACS server, but if you are looking at administration of the PIX, TACACS+ is a better option as it has more administrative features.

mhoda
Level 5

If you are looking for command authorization (while managing the PIX), then TACACS+ is the only option. But RADIUS is definitely a better choice for downloadable ACLs.