It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Configure TACACS+ Authentication

  • Last updated on

Terminal Access Controller Access-Control System Plus (TACACS+) is an access control network protocol (TCP) for routers, network access servers, and devices. Unlike RADIUS, TACACS+ uses separate authentication and authorization. TACACS+ provides centralized user and group management and offers extended logging options. TACACS+ supports multiple protocols, e.g., IP and  AppleTalk .

Configure TACACS+

To configure TACACS+ for external authentication with the Barracuda CloudGen Firewall,

  1. Go to CONFIGURATION > Configuration Tree > Box > Infrastructure Services > Authentication Service.
  2. In the left navigation pane, select TACACS+ Authentication.
  3. Click Lock.
  4. Enable TACACS+ as external directory service.
  5. In the TACACS+ IP Address table, add an entry for each TACACS+ server. You can edit the following settings:
    • TAC+ IP Address – IP address of the TACACS+ server.
    • TAC+ ID Port – ID Port information. E.g.: tty10
    • TAC+ Server Port – TCP port of the TACACS+ server.
    • TAC+ Key – DES encryption key.

      The key can consist of small and capital characters, numbers, and non alpha-numeric symbols, except the hash sign (#).

    • Timeout (s) – Authentication timeout in seconds.
    • TAC+ Login Type – TACACS+ login type (inbound).
  6. Click OK.
  7. If group information is queried from a different authentication scheme, select the scheme from the User Info Helper Scheme list.
  8. Click Send Changes and Activate.