The state of TACACS+

• Previous message (by thread): The state of TACACS+
• Next message (by thread): The state of TACACS+
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Dec 30, 2013, at 6:42 PM, Jimmy Hess <mysidia at gmail.com> wrote:

> How do you feel about having to wait 30 seconds  between every command you enter to troubleshoot,  to fail to the second server,  if the TACACS or RADIUS  system is nonresponsive,  because the dumb router can't remember which TACACS servers are up and which ones are down,  and always tries the first one in the list first?      At least  RADIUS has the concept of a "dead timer" :)

Are you talking about Cisco routers? The default timeout value for TACACS+ is five seconds, so I’m not sure where you’re coming up with thirty seconds, unless you have seven servers listed on the router and the first six are dead/unreachable.

-jav

• Previous message (by thread): The state of TACACS+
• Next message (by thread): The state of TACACS+
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]