Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
877
Views
11
Helpful
3
Replies

TACACS+ & RADIUS versions

Go to solution
Richard Murphy
Level 1
Level 1

‎12-20-2016 04:06 AM - edited ‎03-12-2019 05:47 PM

Hi,

Can anyone point me at the versions of TACACS+ and RADIUS that Cisco ACS 5.8 uses or how to find them on the ACS itself ?

 

I'm being asked by an auditor to provide the versions and the vendor documentation on both protocols.

 

Thanks in advance.

 

Rich

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Gagandeep Singh
Cisco Employee
Cisco Employee

‎12-20-2016 04:43 AM

You can run both tacacs and radius on any ACS version. However, in ISE TACACS comes from ISE 2.0 version. Prior to 2.0, we only support RADIUS.

Hope it answers your query. Also you can look for release notes for any ISE or ACS version.

Regards

Gagan

ps: rate if it helps!!!!

View solution in original post

3 Replies 3

Go to solution
Gagandeep Singh
Cisco Employee
Cisco Employee

‎12-20-2016 04:43 AM

You can run both tacacs and radius on any ACS version. However, in ISE TACACS comes from ISE 2.0 version. Prior to 2.0, we only support RADIUS.

Hope it answers your query. Also you can look for release notes for any ISE or ACS version.

Regards

Gagan

ps: rate if it helps!!!!

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎12-20-2016 06:13 AM

I do not know if there is a 'Radius version' that the ACS supports. Radius servers usually have to conform to RFC's 2865 and 2866. There are a few other RFC's that document extensions and new features. The ACS support for this is mentioned here:

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-8/user/guide/acsuserguide/rad_tac_phase.html

TACACS+ is a CISCO designed extension to TACACS and has the latest version of 1.78 as per the RFC draft given below:

https://tools.ietf.org/html/draft-grant-tacacs-02

My assumption is that Cisco supports the latest version, but I believe the best way to confirm it is by taking a TACACs+ packet capture and looking at the headers. More information about TACACS+ is given in the same link above.

Go to solution
Richard Murphy
Level 1
Level 1
In response to Rahul Govindan

‎12-20-2016 07:03 AM

Thanks for the reply,

Think I found a newer RFC - >https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-05

Customers Also Viewed These Support Documents