Secondary Authorization - HP A5500 EI Command Reference Manual

If the server to be specified resides on an MPLS VPN, you also need to specify that VPN by using the
vpn-instance vpn-instance-name keyword and argument combination to ensure normal communication
with the server. The VPN specified here takes precedence over the VPN specified for the RADIUS scheme.
If you configure the command repeatedly, only the last configuration takes effect.
You can remove an authentication server only when no active TCP connection for sending
authentication packets is using it.
Related commands: display hwtacacs, hwtacacs scheme, and vpn-instance (HWTACACS scheme view).
Examples
# Specify the IP address and port number of the secondary authentication server for HWTACACS scheme
hwt1 as 10.163.155.13 with TCP port number 49.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] secondary authentication 10.163.155.13 49

secondary authorization

Syntax
secondary authorization ip-address [ port-number | vpn-instance vpn-instance-name ] *
undo secondary authorization
View
HWTACACS scheme view
Default level
2: System level
Parameters
ip-address: IP address of the secondary HWTACACS authorization server, a valid unicast address in
dotted decimal notation. The default is 0.0.0.0.
port-number: Port number of the secondary HWTACACS authorization server. It ranges from 1 to 65535
and defaults to 49.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN that the secondary HWTACACS
authorization server belongs to, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.
If the server is on the public network, do not specify this keyword and argument combination.
Description
Use the secondary authorization command to specify the secondary HWTACACS authorization server.
Use the undo secondary authorization command to remove the configuration.
By default, no secondary HWTACACS authorization server is specified.
The IP addresses of the primary and secondary authorization servers cannot be the same. Otherwise, the
configuration fails.
The HWTACACS service port configured on the device and that of the HWTACACS server must be
consistent.
If the server to be specified resides on an MPLS VPN, you also need to specify that VPN by using the
vpn-instance vpn-instance-name keyword and argument combination to ensure normal communication
with the server. The VPN specified here takes precedence over the VPN specified for the RADIUS scheme.
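The parameter rules above can be checked offline before a configuration template is pushed to a device. The following Python sketch is an added example, not part of the HP manual: it validates the ip-address, port-number and vpn-instance arguments against the documented ranges and flags a primary and secondary authorization server that share an IP address. It assumes the primary authorization command takes the same argument form; the function names, the sample lines and the VPN name mgmt are constructed for illustration.

```python
import ipaddress

def parse_server(args):
    """Parse 'ip-address [ port-number | vpn-instance name ] *'; ValueError on bad input."""
    if not args:
        raise ValueError("missing ip-address")
    ip = ipaddress.IPv4Address(args[0])  # rejects anything that is not dotted decimal
    if ip.is_multicast or ip.is_unspecified or int(ip) == 0xFFFFFFFF:
        raise ValueError(f"{ip} is not a unicast address")
    server, i = {"ip": ip, "port": None, "vpn": None}, 1
    while i < len(args):  # options may come in either order, each at most once
        if args[i] == "vpn-instance":
            if server["vpn"] is not None or i + 1 >= len(args):
                raise ValueError("bad vpn-instance option")
            if not 1 <= len(args[i + 1]) <= 31:
                raise ValueError("vpn-instance-name must be 1 to 31 characters")
            server["vpn"] = args[i + 1]  # case-sensitive, stored as written
            i += 2
        else:
            if server["port"] is not None or not args[i].isdigit() \
                    or not 1 <= int(args[i]) <= 65535:
                raise ValueError(f"bad port-number {args[i]!r}")
            server["port"] = int(args[i])
            i += 1
    server["port"] = server["port"] or 49  # documented default port
    return server

def audit_scheme(lines):
    """Return findings for the authorization servers of one HWTACACS scheme."""
    servers, findings = {}, []
    for line in lines:
        words = line.split()
        if words[:2] in (["primary", "authorization"], ["secondary", "authorization"]):
            try:
                servers[words[0]] = parse_server(words[2:])
            except ValueError as err:
                findings.append(f"{line.strip()}: {err}")
    pri, sec = servers.get("primary"), servers.get("secondary")
    if pri and sec and pri["ip"] == sec["ip"]:
        findings.append("primary and secondary authorization servers share an IP address")
    return findings

# Constructed sample scheme (not taken from a real device)
SAMPLE = ["hwtacacs scheme hwt1",
          " primary authorization 10.163.155.13 49",
          " secondary authorization 10.163.155.13 vpn-instance mgmt 49"]

if __name__ == "__main__":
    print(audit_scheme(SAMPLE))
```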