Configure routers to use RADIUS, TACACS+, LDAP, and local authentication to validate users requesting access to the network. The order in which authentication is processed among RADIUS, TACACS+, LDAP, and local can be specifically configured. In other words, the authentication order can be configured to process authorization through TACACS+ first, then RADIUS for authentication and accounting. Local access can be specified next in the authentication order if the RADIUS and TACACS+ servers are not operational. The security methods capabilities are listed in Table: Security methods capabilities.
| Method | Authentication | Authorization | Accounting1 |
|---|---|---|---|
Local |
√ |
√ |
Not supported |
TACACS+ |
√ |
√ |
√ |
RADIUS |
√ |
√ |
√ |
LDAP |
√ |
Not supported |
Not supported |