Examples
# Specify a secondary authentication server with IP address 10.163.155.13, TCP port number 49, and
plaintext shared key abc for HWTACACS scheme hwt1
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] secondary authentication 10.163.155.13 49 key simple abc
Related commands
• display hwtacacs scheme
• key (HWTACACS scheme view)
• primary authentication (HWTACACS scheme view)
• vpn-instance (HWTACACS scheme view)
secondary authorization
Use secondary authorization to specify a secondary HWTACACS authorization server.
Use undo secondary authorization to remove a secondary HWTACACS authorization server.
Syntax
secondary authorization { ipv4-address | ipv6 ipv6-address } [ port-number I key { cipher | simple }
string | vpn-instance vpn-instance-name ] *
undo secondary authorization [ { ipv4-address | ipv6 ipv6-address } [ port-number | vpn-instance
vpn-instance-name ]* ]
Default
No secondary HWTACACS authorization server is specified.
Views
HWTACACS scheme view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies the IPv4 address of the secondary HWTACACS authorization server.
ipv6 ipv6-address: Specifies the IPv6 address of the secondary HWTACACS authorization server.
port-number: Specifies the service port number of the secondary HWTACACS authorization server, a
TCP port number in the range of 1 to 65535. The default setting is 49.
key { cipher | simple } string: Sets the shared key for secure communication with the secondary
HWTACACS authorization server.
• cipher string: Sets a ciphertext shared key. The string argument is case sensitive. In non-FIPS mode,
the key is a string of 1 to 373 characters. In FIPS mode, the key is a string of 15 to 373 characters.
75
To Next Page
Loading...
