EasyManua.ls Logo

HP 5500 HI Series

HP 5500 HI Series
444 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
38
Specifying the VPN to which the servers belong
After you specify a VPN for an HWTACACS scheme, all the authentication, authorization, and
accounting servers specified for the scheme belong to the VPN. However, if you also specify a VPN when
specifying a server for the scheme, the server belongs to the specific VPN.
To specify a VPN for an HWTACACS scheme:
Step Command
1. Enter system view.
system-view
2. Enter HWTACACS scheme view.
hwtacacs scheme hwtacacs-scheme-name
3. Specify a VPN for the HWTACACS scheme. vpn-instance vpn-instance-name
Setting the username format and traffic statistics units
A username is usually in the format of userid@isp-name, where isp-name represents the name of the ISP
domain the user belongs to and is used by the switch to determine which users belong to which ISP
domains. However, some HWTACACS servers cannot recognize usernames that contain an ISP domain
name. In this case, the switch must remove the domain name of each username before sending the
username. You can set the username format on the switch for this purpose.
The switch periodically sends accounting updates to HWTACACS accounting servers to report the traffic
statistics of online users. For normal and accurate traffic statistics, make sure the unit for data flows and
that for packets on the switch are consistent with those configured on the HWTACACS servers.
Follow these guidelines when you set the username format and the traffic statistics units for an
HWTACACS scheme:
If an HWTACACS server does not support a username that carries the domain name, configure the
switch to remove the domain name before sending the username to the server.
For level switching authentication, the user-name-format keep-original and user-name-format
without-domain commands produce the same results. They make sure usernames sent to the
HWTACACS server carry no ISP domain name.
To set the username format and the traffic statistics units for an HWTACACS scheme:
Step Command Remarks
1. Enter system view. system-view N/A
2. Enter HWTACACS scheme
view.
hwtacacs scheme
hwtacacs-scheme-name
N/A
3. Set the format for usernames
sent to the HWTACACS
servers.
user-name-format { keep-original |
with-domain | without-domain }
Optional.
By default, the ISP domain name
is included in a username.
4. Specify the unit for data flows
or packets sent to the
HWTACACS servers.
data-flow-format { data { byte |
giga-byte | kilo-byte | mega-byte }
| packet { giga-packet | kilo-packet
| mega-packet | one-packet } }*
Optional.
The default unit is byte for data
flows and is one-packet for data
packets.

Table of Contents

Other manuals for HP 5500 HI Series

Related product manuals