Configuring Tacacs Authentication Servers; Configuring Tacacs Authorization Servers - H3C S3100-52P Operation Manual
Hide thumbs
Also See for S3100-52P:
- Operation manual (62 pages) ,
- Command manual (55 pages) ,
- Installation manual (54 pages)
Table of Contents
Advertisement
Operation Manual – AAA
H3C S3100-52P Ethernet switch
2.3.2 Configuring TACACS Authentication Servers
Follow these steps to configure TACACS authentication servers:
Enter system view
Create a HWTACACS
scheme and enter its view
Set the IP address and
port number of the
primary TACACS
authentication server
Set the IP address and
port number of the
secondary TACACS
authentication server
Caution:
You are not allowed to configure the same IP address for both primary and
secondary authentication servers. If you do this, the system will prompt that the
configuration fails.
You can remove an authentication server setting only when there is no active TCP
connection that is sending authentication messages to the server.
2.3.3 Configuring TACACS Authorization Servers
Follow these steps to configure TACACS authorization servers:
Enter system view
Create a HWTACACS
scheme and enter its view
To do...
system-view
hwtacacs scheme
hwtacacs-scheme-name
primary authentication
ip-address [ port ]
secondary
authentication
ip-address [ port ]
To do...
system-view
hwtacacs scheme
hwtacacs-scheme-name
Use the command...
Use the command...
2-27
Chapter 2 AAA Configuration
Remarks
—
Required
By default, no
HWTACACS scheme
exists.
Required
By default, the IP address
of the primary
authentication server is
0.0.0.0, and the port
number is 0.
Optional
By default, the IP address
of the secondary
authentication server is
0.0.0.0, and the port
number is 0.
Remarks
—
Required
By default, no
HWTACACS scheme
exists.
Advertisement
Chapters
Table of Contents
Troubleshooting
