To do...
Clear HWTACACS statistics
Clear buffered stop-accounting
requests that get no responses
AAA Configuration Examples
AAA for Telnet Users by a HWTACACS Server
Network requirements
As shown in
Figure
authorization, and accounting services to login users.
The HWTACACS server is used for authentication, authentication, and accounting. Its IP address
is 10.1.1.1.
On the switch, set the shared keys for authentication, authorization, and accounting packets to
expert. Configure the switch to remove the domain name from a user name before sending the
user name to the HWTACACS server.
On the HWTACACS server, set the shared keys for packets exchanged with the switch to expert.
Figure 1-7 Configure AAA for Telnet users by a HWTACACS server
Telnet user
Configuration procedure
# Configure the IP addresses of the interfaces (omitted).
# Enable the Telnet server on the switch.
<Switch> system-view
[Switch] telnet server enable
# Configure the switch to use AAA for Telnet users.
[Switch] user-interface vty 0 4
[Switch-ui-vty0-4] authentication-mode scheme
[Switch-ui-vty0-4] quit
# Configure the HWTACACS scheme.
reset hwtacacs statistics
{ accounting | all | authentication |
authorization }
reset stop-accounting-buffer
hwtacacs-scheme
hwtacacs-scheme-name
1-7, configure the switch to use the HWTACACS server to provide authentication,
Authentication/Accounting server
10.1.1.1/24
Switch
Use the command...
Internet
1-36
Remarks
Available in user view
Available in user view