Vpn-Instance (Hwtacacs Scheme View) - HP FlexNetwork MSR Series Command Reference Manual

Views
HWTACACS scheme view
Predefined user roles
network-admin
Parameters
keep-original: Sends the username to the HWTACACS server as the username is entered.
with-domain: Includes the ISP domain name in the username sent to the HWTACACS server.
without-domain: Excludes the ISP domain name from the username sent to the HWTACACS
server.
Usage guidelines
A username is generally in the userid@isp-name format, of which the isp-name argument is used by
the device to determine the ISP domain to which a user belongs. However, some HWTACACS
servers cannot recognize a username containing an ISP domain name. Before sending a username
including a domain name to such an HWTACACS server, the device must remove the domain name.
This command allows you to specify whether to include a domain name in a username to be sent to
an HWTACACS server.
If an HWTACACS scheme defines that the username is sent without the ISP domain name, do not
apply the scheme to more than one ISP domain. Otherwise, the HWTACACS server will consider two
users in different ISP domains but with the same userid as one user.
If the HWTACACS scheme is used for wireless users, specify the format of the username to be sent
from the access device to the HWTACACS server as keep-original. Otherwise, authentication of the
wireless users might fail.
Examples
# In HWTACACS scheme hwt1, configure the device to remove the ISP domain name from the
usernames sent to the HWTACACS servers.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] user-name-format without-domain
Related commands
display hwtacacs scheme

vpn-instance (HWTACACS scheme view)

Use vpn-instance to specify an MPLS L3VPN instance for an HWTACACS scheme.
Use undo vpn-instance to restore the default.
Syntax
vpn-instance vpn-instance-name
undo vpn-instance
Default
The HWTACACS scheme belongs to the public network.
Views
HWTACACS scheme view
Predefined user roles
network-admin
134