
UNIT 3 – INDIVIDUAL PROJECT 3

the router (other management services are not available):

2) Diameter is an authentication, authorization and accounting protocol for computer networks, and a successor to RADIUS. Diameter Applications extend the base protocol by adding new commands and/or attributes, such as those for use of the Extensible Authentication Protocol (EAP). A Diameter Application is not a software application, but a protocol based on the Diameter base protocol (defined in RFC 3588). Each application is defined by an application identifier and can add new command codes and/or new mandatory AVPs. Adding a new optional AVP does not require a new application (Hassell, 2003).

Examples of Diameter applications:

• Diameter Mobile IPv4 Application (MobileIP, RFC 4004)
• Diameter Network Access Server Application (NASREQ, RFC 4005)
• Diameter Extensible Authentication Protocol Application (RFC 4072)
• Diameter Credit-Control Application (DCCA, RFC 4006)

TCP and SCTP port number 3868 is assigned to Diameter.

3) Terminal Access Controller Access-Control System (TACACS) is a remote authentication protocol, commonly used in UNIX networks, that is used to communicate with an authentication server. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access to the network. TACACS is defined in RFC 1492, and uses (either TCP or UDP) port 49 by default. A later version of TACACS introduced by Cisco in 1990 was called Extended TACACS (XTACACS). The XTACACS protocol was developed by and is proprietary to Cisco Systems.

TACACS allows a client to accept a username and password and send a query to a TACACS authentication server, sometimes called a TACACS daemon or simply TACACSD. This server was normally a program running on a host. The host would determine whether to accept or deny the request and send a response back. The TIP (routing node accepting dial-up line connections, which the user would normally want to log in to) would then allow access or not, based upon the response (Microsoft, N.D.).

[Figure: TACACS packet format, bits 00 to 31. Fields in order: Version, Type, Nonce, Username length / Response, Password length / Reason, Data.]

TACACS+ (Terminal Access Controller Access-Control System Plus) is a Cisco Systems proprietary protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services. TACACS+ is based on TACACS, but, in spite of its name, it is an entirely new protocol which is incompatible with any previous version of TACACS. TACACS+ and RADIUS have generally replaced the earlier protocols in more recently built or updated networks, although TACACS and XTACACS are still running on many older systems.

TACACS+ uses the Transmission Control Protocol (TCP). The extensions to the TACACS+ protocol provide for more types of authentication requests and more types of response codes than were in the original specification. TACACS+ offers multiprotocol support, such as IP and
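The TACACS packet layout described above (Version, Type, Nonce, Username length / Response, Password length / Reason, Data) can be decoded with a strict length check, as in this added example, which is not part of the original paper. The field widths, the version value 0 for original TACACS and the type value 2 for a reply are assumptions taken from the RFC 1492 UDP format; the sample datagrams are constructed.

```python
import struct

# Fixed header: Version, Type, Nonce, then the two dual-purpose bytes.
# Widths (1, 1, 2, 1, 1 bytes) are assumed from RFC 1492's UDP format.
HEADER = struct.Struct("!BBHBB")
SIMPLE_VERSION = 0   # assumption: 0 marks original TACACS, not XTACACS
TYPE_RESPONSE = 2    # assumption: type 2 is a server-to-client reply


class MalformedPacket(ValueError):
    """Raised when a datagram does not match the layout."""


def parse_tacacs(datagram: bytes) -> dict:
    """Decode one TACACS UDP datagram, rejecting inconsistent lengths."""
    if len(datagram) < HEADER.size:
        raise MalformedPacket("shorter than the 6-byte fixed header")
    version, ptype, nonce, b4, b5 = HEADER.unpack_from(datagram)
    if version != SIMPLE_VERSION:
        raise MalformedPacket(f"unsupported version 0x{version:02x}")
    data = datagram[HEADER.size:]
    fields = {"version": version, "type": ptype, "nonce": nonce}
    if ptype == TYPE_RESPONSE:
        # Reply: the two bytes carry the Response and Reason codes.
        fields.update(response=b4, reason=b5, data=data)
        return fields
    # Request: the two bytes are the username and password lengths, and
    # together they must account for every byte of Data.
    if b4 + b5 != len(data):
        raise MalformedPacket(
            f"length fields claim {b4 + b5} bytes, Data holds {len(data)}")
    fields.update(username=data[:b4].decode("ascii", "replace"),
                  password_length=b5)  # password bytes are not returned
    return fields


# Constructed sample datagrams (not captured traffic).
SAMPLE_REQUEST = HEADER.pack(0, 1, 0x1234, 5, 6) + b"alice" + b"secret"
SAMPLE_REPLY = HEADER.pack(0, 2, 0x1234, 1, 0)

if __name__ == "__main__":
    print(parse_tacacs(SAMPLE_REQUEST))
    print(parse_tacacs(SAMPLE_REPLY))
    try:
        parse_tacacs(SAMPLE_REQUEST[:-3])  # Data cut short
    except MalformedPacket as exc:
        print("rejected:", exc)
```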