2-25
Operation Command Remarks
Set the IP address and port
number of the primary TACACS
authentication server
primary authentication
ip-address [ port ]
Required
By default, the IP address of the
primary authentication server is
0.0.0.0, and the port number is
0.
Set the IP address and port
number of the secondary
TACACS authentication server
secondary authentication
ip-address [ port ]
Optional
By default, the IP address of the
secondary authentication
server is 0.0.0.0, and the port
number is 0.
z You are not allowed to configure the same IP address for both primary and secondary
authentication servers. If you do this, the system will prompt that the configuration fails.
z You can remove an authentication server setting only when there is no active TCP connection that
is sending authentication messages to the server.
Configuring TACACS Authorization Servers
Table 2-27 Configure TACACS authorization servers
Operation Command Remarks
Enter system view
system-view
—
Create a HWTACACS scheme
and enter its view
hwtacacs scheme
hwtacacs-scheme-name
Required
By default, no HWTACACS
scheme exists.
Set the IP address and port
number of the primary TACACS
authorization server
primary authorization
ip-address [ port ]
Required
By default, the IP address of the
primary authorization server is
0.0.0.0, and the port number is 0.
Set the IP address and port
number of the secondary
TACACS authorization server
secondary authorization
ip-address [ port ]
Optional
By default, the IP address of the
secondary authorization server is
0.0.0.0, and the port number is 0.
z You are not allowed to configure the same IP address for both primary and secondary authorization
servers. If you do this, the system will prompt that the configuration fails.
z You can remove a server only when it is not used by any active TCP connection for sending
authorization messages.
To Next Page
Loading...