Secondary Authorization - H3C S3100 Series Command Manual

Command Manual (For Soliton) – AAA
H3C S3100 Series Ethernet Switches
and 49 respectively.
Note that:
You are not allowed to set the same IP address for both primary and secondary
authentication servers. If you do this, your setting will fail.
If you re-execute the command, the new setting overwrites the old one.
You can remove an authentication server setting only when there is no active TCP
connection that is sending authentication messages to the server.
Related commands: display hwtacacs.
Examples
# Set the IP address and UDP port number of the secondary authentication server for
HWTACACS scheme hwt1 to 10.163.155.13 and 49 respectively.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] secondary authentication 10.163.155.13 49

1.3.16 secondary authorization

Syntax
secondary authorization ip-address [ port ]
undo secondary authorization
View
HWTACACS scheme view
Parameters
ip-address: IP address of the secondary authorization server, a valid unicast address in
dotted decimal notation.
port: Port number of the secondary authorization server, ranging from 1 to 65535.
Description
Use the secondary authorization command to set the IP address and port number of
the secondary HWTACACS authorization server to be used by the current scheme.
Use the .undo secondary authorization command to restore the default IP address
and port number of the secondary HWTACACS authorization server, which are 0.0.0.0
and 49 respectively.
Note that:
You are not allowed to set the same IP address for both primary and secondary
authorization servers.
Chapter 1 AAA Configuration Commands
1-78