Configuring Hwtacacs Protocol; Creating A Hwtacas Scheme - 3Com 3C13636 Configuration Manual

3Com Router 3000 Ethernet Family
Configuration Guide

2.4 Configuring HWTACACS Protocol

The configuration tasks of HWTACACS include:
Create a HWTACACS scheme
Configure TACACS authentication servers
Configure TACACS authorization servers
Configure TACACS accounting servers
Configure a key for securing the communication with a TACACS server
Set the username format acceptable to a TACACS server
Set the unit of data flows destined for a TACACS server
Configure the source address to be carried by the HWTACACS packets sent by
NAS
Set timers regarding TACACS server
Enable the online TACACS user to change its password
Note:
In contrast to the settings in RADIUS server, note the following points when configuring
a TACACS server:
The system does not check whether users are using the current HWTACACS
scheme when you change most of its attributes, except when you delete the
scheme.
By default, the TACACS server has no key.
Among these configuration tasks, creating a HWTACAS scheme and configuring
TACACS authentication/authorization server are required, while others are optional at
your discretion.

2.4.1 Creating a HWTACAS scheme

As aforementioned, HWTACACS protocol is configured scheme by scheme. Therefore,
you must create a HWTACACS scheme and enter HWTACACS view before you
perform other configuration tasks.
Perform the following configuration in system view.
Table 2-33 Create a HWTACACS scheme
Create
scheme
HWTACACS view.
Operation
a HWTACACS
and enter hwtacacs scheme hwtacacs-scheme-name
3Com Corporation
Chapter 2 AAA and RADIUS/HWTACACS Protocol
Command
2-30
Configuration