Operation Manual – AAA & RADIUS & HWTACACS & EAD
H3C S7500 Series Ethernet Switches
Set the IP address and
port number of the
primary TACACS
authentication server
Set the IP address and
port number of the
secondary TACACS
authentication server
Caution:
The primary and secondary authentication servers cannot use the same IP address.
Otherwise, the system will prompt unsuccessful configuration.
You can remove a server only when it is not being used by any active TCP
connection for sending authentication packets.
1.5.3 Configuring HWTACACS Authorization Servers
Table 1-25 Configure TACACS authorization servers
Enter system view
Create a HWTACACS
scheme and enter its view
Set the IP address and
port number of the
primary TACACS
authorization server
Set the IP address and
port number of the
secondary TACACS
authorization server
To do...
primary authentication
ip-address [ port ]
secondary
authentication
ip-address [ port ]
To do...
Use the command...
system-view
hwtacacs scheme
hwtacacs-scheme-nam
e
primary authorization
ip-address [ port ]
secondary
authorization
ip-address [ port ]
Chapter 1 AAA & RADIUS & HWTACACS
Use the command...
1-34
Configuration
Remarks
Required
By default, the IP address
of the primary
authentication server is
0.0.0.0, and the port
number is 0.
Required
By default, the IP address
of the secondary
authentication server is
0.0.0.0, and the port
number is 0.
Remarks
—
Required
By default, no HWTACACS
scheme exists.
Required
By default, the IP address of
the primary authorization
server is 0.0.0.0, and the
port number is 0.
Required
By default, the IP address of
the secondary authorization
server is 0.0.0.0, and the
port number is 0.