N in, Figure 26-5 – H3C Technologies H3C WX3000 Series Unified Switches User Manual

Page 251

Advertising
background image

25-8

Figure 26-5

Network diagram for a typical HWTACACS application

Host

HWTACACS client

HWTACACS server

HWTACACS server

Basic message exchange procedure in HWTACACS

The following text takes telnet user as an example to describe how HWTACACS implements
authentication, authorization, and accounting for a user.

Figure 26-6

illustrates the basic message

exchange procedure:

Figure 26-6

AAA implementation procedure for a telnet user

TACACS server

User

TACACS client

Requests to log in

Authentication start request

Authentication response, requesting username

Requests username

Enters username

Authentication continuous message

,

carrying username

Authentication response, requesting password

Requests password

Enters password

Authentication success response

Authorization request

Authorization success response

Allows user to log in

Accounting start request

Accounting start response

Exits the switch

Accounting stop request

Accounting stop response

Authentication continuous message

,

carrying password

Advertising
See also other documents in the category H3C Technologies Routers: