32
To do… Use the command… Remarks
Create an HWTACACS scheme
and enter HWTACACS scheme
view
hwtacacs scheme
hwtacacs-scheme-name
Required
Not defined by default
NOTE:
• Up to 16 HWTACACS schemes can be configured.
• A scheme can be deleted only when it is not referenced.
Specifying the HWTACACS authentication servers
Follow these steps to specify the HWTACACS authentication servers:
To do… Use the command… Remarks
Enter system view system-view —
Enter HWTACACS scheme
view
hwtacacs scheme hwtacacs-scheme-name
—
Specify the primary
HWTACACS authentication
server
primary authentication ip-address
[ port-number | key [ cipher | simple ]
key ] *
Required
Configure at least one
command.
No authentication server is
specified by default.
Specify the secondary
HWTACACS authentication
server
secondary authentication ip-address
[ port-number | key [ cipher | simple ]
key ] *
NOTE:
• If both the primary and secondary authentication servers are specified, the secondary one is used when
the primary one is not reachable.
• If redundancy is not required, specify only the primary HWTACACS authentication server.
• The IP addresses of the primary and secondary authentication servers cannot be the same. Otherwise,
the configuration fails.
• You can remove an authentication server only when no active TCP connection for sendin
authentication
packets is using it.
Specifying the HWTACACS authorization servers
Follow these steps to specify the HWTACACS authorization servers:
To do… Use the command… Remarks
Enter system view system-view —
Enter HWTACACS scheme
view
hwtacacs scheme
hwtacacs-scheme-name
—
Specify the primary
HWTACACS authorization
server
primary authorization ip-address
[ port-number | key [ cipher | simple ]
key ] *
Required
Configure at least one command.
To Next Page
Loading...
