H3C Technologies H3C SecPath F1000-E User Manual

Page 32

Advertising
background image

24

Step Command

Remarks

4.

Specify the scheme
authentication mode.

authentication-mode scheme

Whether local, RADIUS, or
HWTACACS authentication is
adopted depends on the

configured AAA scheme.
By default, local authentication is

adopted.

5.

Enable command authorization. command authorization

Optional.
By default, command authorization

is not enabled.
Create a HWTACACS scheme,

and specify the IP address of the
authorization server and other

authorization parameters. For more

information, see Access Control
Configuration Guide.
Reference the created HWTACACS
scheme in the ISP domain. For more

information, see Access Control
Configuration Guide.

6.

Enable command accounting.

command accounting

Optional.
By default, command accounting is
disabled. The accounting server

does not record the commands

executed by users.
Command accounting allows the
HWTACACS server to record all

executed commands that are

supported by the device,

regardless of the command
execution result. This helps control

and monitor user operations on the

device. If command accounting is
enabled and command

authorization is not enabled, every

executed command is recorded on
the HWTACACS server. If both

command accounting and

command authorization are
enabled, only the authorized and

executed commands are recorded

on the HWTACACS server.

7.

Exit to system view.

quit

N/A

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals