Hwtacacs Configuration; Creating A Hwtacas Scheme - H3C S3100-52P Operation Manual

Operation Manual – AAA – RADIUS – HWTACACS
H3C S3100-52P Ethernet Switch
5) If the switch does not receive any response from the CAMS after it has tried the
configured maximum number of times to send the Accounting-On message, it will
not send the Accounting-On message any more.
Note:
The switch can automatically generate the main attributes (NAS-ID, NAS-IP-address
and session ID) contained in Accounting-On messages. However, you can also
manually configure the NAS-IP-address with the nas-ip command. If you choose to
manually configure the attribute, be sure to configure an appropriate valid IP address. If
this attribute is not configured, the switch will automatically choose the IP address of a
VLAN interface as the NAS-IP-address.
Table 1-23 Enable the user re-authentication at restart function
Operation
Enter system view
Enter RADIUS scheme
view
Enable
re-authentication
restart function

1.5 HWTACACS Configuration

1.5.1 Creating a HWTACAS Scheme

The HWTACACS protocol configuration is performed on a scheme basis. Therefore,
you must create a HWTACACS scheme and enter HWTACACS view before performing
other configuration tasks.
system-view
radius
radius-scheme-name
the user accounting-on
at [ send times | interval
interval ]
Chapter 1 AAA & RADIUS & HWTACACS
Command
—
scheme
—
By default, this function is
disabled.
If you use this command
enable
without any parameter, the
system will try at most 15
times
Accounting-On message at
the interval of three seconds.
1-33
Configuration
Description
to send an