Reset Hwtacacs Statistics - HP FlexNetwork 7500 Series Command Reference Manual

simple: Specifies the key in plaintext form. For security purposes, the key specified in plaintext form
will be stored in encrypted form.
string: Specifies the key. This argument is case sensitive.
•
In non-FIPS mode, the encrypted form of the key is a string of 1 to 373 characters. The plaintext
form of the key is a string of 1 to 255 characters.
•
In FIPS mode, the encrypted form of the key is a string of 15 to 373 characters. The plaintext
form of the key is a string of 15 to 255 characters. The plaintext string must contain digits,
uppercase letters, lowercase letters, and special characters.
single-connection: The device and the primary HWTACACS authorization server use the same
TCP connection to exchange all authorization packets for all users. If you do not specify this keyword,
the device establishes a new TCP connection each time it exchanges authorization packets with the
primary authorization server for a user.
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance to which the primary
HWTACACS authorization server belongs. The vpn-instance-name argument is a case-sensitive
string of 1 to 31 characters. If the server is on the public network, do not specify this option.
Usage guidelines
Make sure the port number and shared key settings of the primary HWTACACS authorization server
are the same as those configured on the server.
Two authorization servers specified for a scheme, primary or secondary, cannot have identical VPN
instance, host name, IP address, and port number settings.
As a best practice, specify the single-connection keyword to reduce TCP connections for improving
system performance if the HWTACACS server supports the single-connection method.
If the specified server resides on an MPLS L3VPN, specify the VPN instance by using the
vpn-instance vpn-instance-name option. The VPN instance specified by this command takes
precedence over the VPN instance specified for the HWTACACS scheme.
You can remove an authorization server only when it is not used for user authorization. Removing an
authorization server affects only authorization processes that occur after the remove operation.
Examples
# In HWTACACS scheme hwt1, specify the primary authorization server with IP address
10.163.155.13, TCP port number 49, and plaintext shared key 123456TESTautr&!.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] primary authorization 10.163.155.13 49 key simple
123456TESTautr&!
Related commands
display hwtacacs scheme
key (HWTACACS scheme view)
secondary authorization (HWTACACS scheme view)
vpn-instance (HWTACACS scheme view)

reset hwtacacs statistics

Use reset hwtacacs statistics to clear HWTACACS statistics.
Syntax
reset hwtacacs statistics { accounting | all | authentication | authorization }
130