Configuring a device, Creating a tacacs+ scheme – H3C Technologies H3C Intelligent Management Center User Manual
Page 27
18
Figure 16 Displaying the page for configuring LDAP synchronization policies
Configuring a device
To configuring a device:
1.
Create a TACACS+ scheme.
2.
Create a domain.
3.
Configure scheme authentication and enable command-line authorization and accounting.
Creating a TACACS+ scheme
A device cooperates with the TAM server to implement TACACS+ authentication according to the
configured TACACS+ scheme.
When you configure a TACACS+ scheme, follow these restrictions and guidelines:
•
The IP address specified for the AAA server in the TACACS+ scheme must be the IP address of the
TAM server.
•
The shared key, and the authentication, authorization, and accounting ports specified in the
TACACS+ scheme must be the same as those configured on the TAM server.
•
If you specify the nas-ip in the TACACS+ scheme, configure the IP address of the device as the
nas-ip. If you do not specify the nas-ip in the TACACS+ scheme, configure the IP address of the
device as the IP address of the interface that connects the device to the TAM server.