Configure routers to use RADIUS, TACACS+, LDAP, and local authentication to validate users requesting access to the network. The order in which authentication is processed among RADIUS, TACACS+, LDAP, and local can be specifically configured. In other words, the authentication order can be configured to process authorization through TACACS+ first, then RADIUS for authentication and accounting. Local access can be specified next in the authentication order if the RADIUS and TACACS+ servers are not operational. The security methods capabilities are listed in Table: Security methods capabilities.
| Method | Authentication | Authorization | Accounting1 |
|---|---|---|---|
Local |
✓ | ✓ | Not supported |
TACACS+ |
✓ | ✓ | ✓ |
RADIUS |
✓ | ✓ | ✓ |
LDAP |
✓ | Not supported |
Not supported |