a secure, encrypted protocol. By remotely accessing
TACACS+ servers that are provisioned with the administrative
user account database, the VPC can provide TACACS+ AAA
services for system administrative users. TACACS+ is
an enhanced version of the TACACS protocol that uses TCP instead
The VPC serves as the
TACACS+ Network Access Server (NAS). As
the NAS the system requests TACACS+ AAA services on behalf
of authorized system administrative users. For the authentication
to succeed, the TACACS+ server must be in the
same local context and network accessed by the VPC.
StarOS supports TACACS+ multiple-connection
mode. In multiple-connection mode, a separate
and private TCP connection to the TACACS+ server is opened
and maintained for each session. When the TACACS+ session
ends, the connection to the server is terminated.
a system-wide function on the VPC. TACACS+ AAA
service configuration is performed in StarOS TACACS Configuration
Mode. Enabling the TACACS+ function is performed
in the StarOS Global Configuration Mode. StarOS supports
the configuration of up to three TACACS+ servers.
Once configured and
enabled in StarOS, TACACS+ authentication is attempted
first. By default, if TACACS+ authentication
fails, StarOS then attempts to authenticate the user using non-TACACS+ AAA
services, such as RADIUS.
releases after 15.0 MR4, TACACS+ accounting (CLI
event logging) will not be generated for Lawful Intercept
users with privilege level set to 15 and 13.