Nas-Ip - Huawei Quidway S8500 Series Command Manual

Command Manual – Security
Quidway S8500 Series Routing Switches
authentication: Shared key of the authentication server.
authorization: Shared key of the authorization server.
string: Shared key, a string up to 16 characters excluding the characters "?".
Description
Use the key command to configure a shared key for HWTACACS authentication,
authorization or accounting.
Use the undo key command to delete the configuration.
By default, no key is set.
The HWTACACS client (the switch system) and HWTACACS server use MD5
algorithm to encrypt the exchanged packets. The two ends verify packets using a
shared key. Only when the same key is used can both ends accept the packets from
each other and give responses. So it is necessary to ensure that the same key is set on
the switch and the HWTACACS server. If the authentication/authorization and
accounting are performed on two server devices with different shared keys, you must
set one shared key for each.
Related command: display hwtacacs.
Example
# Use "hello" as the shared key for HWTACACS accounting.
[Quidway] hwtacacs scheme test1
[Quidway-hwtacacs-test1] key accounting hello

2.3.8 nas-ip

Syntax
nas-ip ip-address
undo nas-ip
View
HWTACACS view
Parameter
ip-address: Source IP address, in dotted decimal format.
Description
Use the nas-ip command to set the source IP address for HWTACACS packets sent
from the NAS (switch), such that all the packets sent to the TACACS server carry the
same source IP address.
Use the undo nas-ip command to delete the configuration.
Chapter 2 AAA and RADIUS/HWTACACS Protocol
Huawei Technologies Proprietary
2-55
Configuration Commands