Table of Contents
Advertisement
Command Manual – Security
Quidway S8500 Series Routing Switches
Example
# Set the user huawei1 to display the password in simple text, given the password is
20030422.
[Quidway-luser-huawei1] password simple 20030422
2.1.16 scheme
Syntax
scheme { radius-scheme radius-scheme-name [ local ] | hwtacacs-scheme
hwtacacs-scheme-name [ local ] | local | none }
undo scheme { radius-scheme | hwtacacs-scheme | none }
View
ISP domain view
Parameter
radius-scheme-name: RADIUS scheme name, a string no longer than 32 characters in
length.
hwtacacs-scheme-name: HWTACACS scheme name, a string no longer than 32
characters in length.
local: Specifies to perform local authentications.
none: Specifies not to perform authentications.
Description
Use the scheme command to configure the AAA scheme used in the current ISP
domain.
Use the undo scheme command to restore the default domain AAA scheme.
By default, an AAA scheme specifies to perform local authentications.
The scheme command specifies a RADIUS/HWTACACS scheme for the current ISP
domain. The specified scheme must be an existing scheme.
You can use the radius-scheme radius-scheme-name local or hwtacacs-scheme
hwtacacs-scheme-name local command to specify to perform local authentications in
case the Radius Server or the Tacacs Server fails to respond properly. That is, local
authentications are performed only when the Radius Server or the Tacas Server fails.
If you specify local authentications to be the primary scheme, then only local
authentications are performed and you cannot adopt RADIUS and HWTACACS
scheme simultaneously. In this case, the none and local keywords act the same.
Related command: radius scheme, hwtacacs scheme.
Chapter 2 AAA and RADIUS/HWTACACS Protocol
Huawei Technologies Proprietary
2-16
Configuration Commands
Advertisement
Chapters
Table of Contents
