Chad A. Adlawan writes: > hello everyone ! > i friend was asking me whether i can help him convert his slackware system > to debian (since imthe only debian user in our group and their slak admin > jumped ship) from "tacacs" to "radius" ... whatever those are. can someone > please help point to me where i > should look for more info regarding this ? > also in question is for an ISP billing system, any suggestions? > TIA, > Chad
Radius and Tacacs are protocolols for providing authentication and authorisation over a network. Usually they are used to authentcate a dialin users name and password when he/she connects dials in to an access server or router and then authorise the services on that access server (ie can the user have ip over ppp or ip and ipx or perhaps dialback as well). You can also use them to creat a virtual dial in profile for the user which is downloaded to whichever access box they dial in to (saves ISPs and such like configuring all the users on each box). They give central control and admin to this process, basically you configure the deamon on a central (usually Linux or Unix) box and do minimal config on the dialin routers, just point them at the daemon. Radius was developed by Livingston (now Lucent I think) and is pretty much in the public domain and almost all routers etc support it. Tacacs or these days Tacacs+ is Cisco Systems proprietry but since they have such huge market share you still see a lot of it. Cisco provide source code that will compile on Linux and also sell a supported Unix and Windows NT version. There are many implementations of Radius. Which is the best Radius or Tacacs+ depends on your envioronment, mixed vendor equipment then Radius is best but if you are an all Cisco site then Tacacs+ has more options for their equipment. Hope that clears it up for you. Pat
