Introduction To Hwtacacs - 3Com 5500-EI PWR Install Manual

11
12
13
14
15
16
17
18
19
20
21
22
The RADIUS protocol has good scalability. Attribute 26 (Vender-Specific) defined in this protocol allows
a device vendor to extend RADIUS to implement functions that are not defined in standard RADIUS.
Figure 1-4 depicts the format of attribute 26. The Vendor-ID field used to identify a vendor occupies four
bytes, where the first byte is 0, and the other three bytes are defined in RFC 1700. Here, the vendor can
encapsulate multiple customized sub-attributes (containing vendor-specific Type, Length and Value) to
implement a RADIUS extension.
Figure 1-4 Vendor-specific attribute format
0
Type
Vendor-ID

Introduction to HWTACACS

What is HWTACACS
Huawei Terminal Access Controller Access Control System (HWTACACS) is an enhanced security
protocol based on TACACS (RFC 1492). Similar to the RADIUS protocol, it implements AAA for
different types of users (such as PPP, VPDN, and terminal users) through communicating with TACACS
server in client-server mode.
Compared with RADIUS, HWTACACS provides more reliable transmission and encryption, and
therefore is more suitable for security control.
HWTACACS and RADIUS.
Filter-ID
Framed-MTU
Framed-Compression
Login-IP-Host
Login-Service
Login-TCP-Port
(unassigned)
Reply-Message
Callback-Number
Callback-ID
(unassigned)
Framed-Route
7 15
Length
Specified attribute value......
......
33
34
35
36
37
38
39
40-59
60
61
62
63
7
Vendor-ID
Type (specified) Length (specified)
Table 1-3 lists the primary differences between
1-6
Proxy-State
Login-LAT-Service
Login-LAT-Node
Login-LAT-Group
Framed-AppleTalk-Link
Framed-AppleTalk-Network
Framed-AppleTalk-Zone
(reserved for accounting)
CHAP-Challenge
NAS-Port-Type
Port-Limit
Login-LAT-Port
31