H3C Technologies H3C S12500-X Series Switches User Manual

32

Tasks at a glance

(Required.)

721H

Specifying the HWTACACS authentication servers

(Optional.)

722H

Specifying the HWTACACS authorization servers

(Optional.)

723H

Specifying the HWTACACS accounting servers

(Required.)

724H

Specifying the shared keys for secure HWTACACS communication

(Optional.)

725H

Specifying a VPN for the scheme

(Optional.)

726H

Setting the username format and traffic statistics units

(Optional.)

727H

Specifying the source IP address for outgoing HWTACACS packets

(Optional.)

728H

Setting HWTACACS timers

(Optional.)

729H

Displaying and maintaining HWTACACS

371B

Creating an HWTACACS scheme

Create an HWTACACS scheme before performing any other HWTACACS configurations. You can
configure up to 16 HWTACACS schemes. An HWTACACS scheme can be referenced by multiple ISP

domains.
To create an HWTACACS scheme:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Create an HWTACACS

scheme and enter its view.

hwtacacs scheme
hwtacacs-scheme-name

By default, no HWTACACS
scheme is defined.

372B

Specifying the HWTACACS authentication servers

You can specify one primary authentication server and up to 16 secondary authentication servers for an
HWTACACS scheme. When the primary server is not available, the device tries to communicate with the

secondary servers in the order they are configured, and communicates with the first secondary server in

active state. If redundancy is not required, specify only the primary server. An HWTACACS server can

function as the primary authentication server in one scheme and as the secondary authentication server
in another scheme at the same time.
To specify HWTACACS authentication servers for an HWTACACS scheme:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter HWTACACS
scheme view.

hwtacacs scheme hwtacacs-scheme-name

N/A