c
Configuring HWTACACS
Authorization Servers
c
Configuring HWTACACS
Accounting Servers
Table 419 Configure HWTACACS authentication servers
Operation
Set the IP address and port
number of the primary
TACACS authentication
server
Set the IP address and port
number of the secondary
TACACS authentication
server
CAUTION:
The primary and secondary authentication servers cannot use the same IP
■
address. Otherwise, the system will prompt unsuccessful configuration.
You can remove a server only when it is not used by any active TCP connection
■
for sending authentication packets.
Table 420 Configure TACACS authorization servers
Operation
Enter system view
Create a HWTACACS
scheme and enter its view
Set the IP address and port
number of the primary
TACACS authorization
server
Set the IP address and port
number of the secondary
TACACS authorization
server
CAUTION:
The primary and secondary authorization servers cannot use the same IP
■
address. Otherwise, the system will prompt unsuccessful configuration.
You can remove a server only when it is not used by any active TCP connection
■
for sending authorization packets.
Table 421 Configure HWTACACS accounting servers
Operation
Enter system view
Command
primary authentication
ip-address [ port ]
secondary authentication
ip-address [ port ]
Command
system-view
hwtacacs scheme
hwtacacs-scheme-name
primary authorization
ip-address [ port ]
secondary authorization
ip-address [ port ]
Command
system-view
HWTACACS Configuration
Description
Required
By default, the IP address of
the primary authentication
server is 0.0.0.0, and the
port number is 0.
Required
By default, the IP address of
the secondary
authentication server is
0.0.0.0, and the port
number is 0.
Description
-
Required
By default, no HWTACACS
scheme exists.
Required
By default, the IP address of
the primary authorization
server is 0.0.0.0, and the
port number is 0.
Required
By default, the IP address of
the secondary authorization
server is 0.0.0.0, and the
port number is 0.
Description
-
533