TACACS : Terminal Access Controller Access Control System (TACACS+) is a Cisco proprietary protocol which is used for the communication of the Cisco client and Cisco ACS server. It uses TCP port number 49 which makes it reliable.
RADIUS : Remote Access Dial-In User Service (RADIUS) is an open standard protocol used for the communication between any vendor AAA client and ACS/ISE server. The standard ports used for radius communication are 1812 for authentication and 1813 for accounting. Legacy radius port number are 1645 for authentication and 1646 for accounting.
| RADIUS |
TACACS |
| RADIUS uses UDP 1812 for Auth and 1813 for Accounting(Legacy ports:1645,1646) |
TACACS uses TCP port no 49 |
| RADIUS combines Authentication and Authorization |
TACACS treats Authentication, Authorization and Accounting separately |
| RADIUS is an open protocol supported by multiple vendors |
TACACS is Cisco proprietary |
| Primary us of Radius is Network Access |
The primary use of TACACS is Device Administration |
| Encrypts only the Password field |
Encrypts the entire Payload |
