Manualshelf

Command Reference Guide

ManualsBrandsHP ManualsRoutersHP 3000 Router Series
1011101210131014101510161017101810191020
3Com Router 3000 Ethernet Family
Command Reference Guide
Chapter 1 AAA and RADIUS/HWTACACS Protocol
Configuration Commands
3Com Corporation
1-4
Use the undo authentication command to restore the default authentication scheme
of the domain.
By default, no separate authentication scheme is available.
Note that the RADIUS or HWTACACS authentication scheme you configure by using
the authentication command must exist already.
If you configure the
authentication radius-scheme radius-scheme-name local or
authentication hwtacacs-scheme hwtacacs-scheme-name local command, the
local authentication scheme is the alternate scheme for use when the RADIUS server
or TACACS server is not responding properly. That is, the local authentication scheme
is used only when the RADIUS server or TACACS server is not available.
If you want the system to use the local scheme as the first scheme, the local
authentication scheme is the only scheme for authentication, and you cannot configure
any RADIUS or HWTACACS scheme at the same time. That is, you can only specify
the local keyword in the authentication command. The same is true for the none
keyword.
If you configure the authentication command in ISP domain view, the system uses the
scheme specified in the command for authentication. Otherwise, the system uses the
scheme specified by using the scheme command.
Related command: scheme, radius scheme, hwtacacs scheme.
Example
# Specify ISP domain h3c163.net to use RADIUS scheme radius for authentication.
[3Com-isp-h3c163.net] authentication radius-scheme radius
# Specify ISP domain h3c to use RADIUS scheme rd for authentication and use the
local authentication scheme as the alternate one.
[3Com-isp-h3c] authentication radius-scheme rd local
# Specify ISP domain h3c to use HWTACACS scheme hwtac for authentication and
use the local authentication scheme as the alternate one.
[3Com-isp-h3c] authentication hwtacacs-scheme hwtac local
1.1.5 authorization
Syntax
authorization { hwtacacs-scheme hwtacacs-scheme-name | none }
undo authorization
View
ISP domain view
Parameter