Operation Manual – AAA RADIUS HWTACACS
H3C S7500E Series Ethernet Switches
1.5.2 Specifying the HWTACACS Authentication Servers
Follow these steps to specify the HWTACACS authentication servers:
Enter system view
Create a HWTACACS
scheme and enter
HWTACACS scheme
view
Specify the primary
HWTACACS
authentication server
Specify the secondary
HWTACACS
authentication server
Note:
It is recommended to specify only the primary HWTACACS authentication server if
backup is not required.
The IP addresses of the primary and secondary authentication servers cannot be
the same. Otherwise, the configuration fails.
You can remove an authentication server only when no active TCP connection for
sending authentication packets is using it.
1.5.3 Specifying the HWTACACS Authorization Servers
Follow these steps to specify the HWTACACS authorization servers:
Enter system view
Create a HWTACACS
scheme and enter
HWTACACS scheme
view
Specify the primary
HWTACACS
authorization server
Specify the secondary
HWTACACS
authorization server
To do...
system-view
hwtacacs scheme
hwtacacs-scheme-name
primary authentication
ip-address [ port-number ]
secondary
authentication
ip-address [ port-number ]
To do...
system-view
hwtacacs scheme
hwtacacs-scheme-name
primary authorization
ip-address [ port-number ]
secondary authorization
ip-address [ port-number ]
Chapter 1 AAA/RADIUS/HWTACACS
Use the command...
Use the command...
1-33
Configuration
Remarks
—
Required
Not defined by default
Required
Use either approach
By default, neither the
primary nor the secondary
authentication server is
specified.
Remarks
—
Required
Not defined by default
Required
Use either approach
By default, neither the
primary nor the secondary
authorization server is
specified.