Hwtacacs Configuration - 3Com 7757 Configuration Manual
3com switch 7750 family
Hide thumbs
Also See for 7757:
- Quick reference manual (94 pages) ,
- Installation manual (80 pages) ,
- Product manual (15 pages)
Table of Contents
Advertisement
532
C
49: AAA & RADIUS & HWTACACS C
HAPTER
HWTACACS
Configuration
Creating a HWTACACS
Scheme
Configuring HWTACACS
Authentication Servers
the information contained in this packet (NAS-ID, NAS-IP address and session ID),
and ends the accounting of the users based on the last accounting update packet.
4 Once the switch receives the response from the CAMS, it stops sending other
Accounting-On packets.
5 If the switch does not receives any response from the CAMS after the number of
the Accounting-On packets it has sent reaches the configured maximum number,
it does not send any more Accounting-On packets.
n
The switch can automatically generate the main attributes (NAS-ID, NAS-IP
address and session ID) in the Accounting-On packets. However, you can also
manually configure the NAS-IP address with the nas-ip command. If you choose
to manually configure the attribute, be sure to configure an appropriate and legal
IP address. If this attribute is not configured, the switch will automatically use the
IP address of the VLAN interface as the NAS-IP address.
Table 417 Enable the user re-authentication upon device restart function
Operation
Enter system view
Enter RADIUS scheme
view
Enable the user
re-authentication upon
device restart function
HWTACACS protocol is configured scheme by scheme. Therefore, you must create
a HWTACACS scheme and enter HWTACACS view before you perform other
configuration tasks.
Table 418 Create a HWTACACS scheme
Operation
Enter system view
Create a HWTACACS
scheme and enter
HWTACACS view
c
CAUTION: The system supports up to 16 HWTACACS schemes. You can only
delete the schemes that are not being used.
Table 419 Configure HWTACACS authentication servers
Operation
Enter system view
Create a HWTACACS
scheme and enter its view
ONFIGURATION
Command
system-view
radius scheme
radius-scheme-name
accounting-on enable
[ send times | interval
interval ]
Command
system-view
hwtacacs scheme
hwtacacs-scheme-name
Command
system-view
hwtacacs scheme
hwtacacs-scheme-name
Description
-
-
By default, this function is disabled,
and the system can send at most 15
Accounting-On packets consecutively
at intervals of three seconds.
Description
-
Required
By default, no HWTACACS
scheme exists.
Description
-
Required
By default, no HWTACACS
scheme exists.
Advertisement
Table of Contents
Troubleshooting
