Command Reference Guide

ManualsBrandsHP ManualsRoutersHP 3000 Router Series

1061

3Com Router 3000 Ethernet Family

Chapter 1 AAA and RADIUS/HWTACACS Protocol

Configuration Commands

3Com Corporation

1-56

Description

Use the hwtacacs scheme command to enter HWTACACS Server view. If the

specified HWTACACS server scheme does not exist, you can create a new

HWTACACS scheme.

Use the .undo hwtacacs scheme command to delete an HWTACACS scheme.

Example

# Create an HWTACACS scheme named "test1" and enter the relevant HWTACACS

Server view.

[3Com] hwtacacs scheme test1

[3Com-hwtacacs-test1]

1.3.8 key

Syntax

key { accounting | authentication | authorization } string

undo key { accounting | authentication | authorization } string

View

HWTACACS view

Parameter

accounting: Shared key of the accounting server.

authentication: Shared key of the authentication server.

authorization: Shared key of the authorization server.

string: The shared key, a string up to 16 characters excluding forward slashes (/),

colons (:), asterisks (*), question marks (?), less-than signs (<), and greater-than signs

(>).

Description

Use the key command to configure a shared key for HWTACACS authentication,

authorization or accounting.

Use the undo key command to delete the configuration.

By default, no key is set for any TACACS server.

The TACACS client (the router system) and TACACS server use the MD5 algorithm to

encrypt the exchanged packets. The two ends verify packets using a shared key. Only

when the same key is used can both ends accept the packets from each other and give

responses. Therefore, it is necessary to ensure that the same key is set on the router

and the TACACS server. If the authentication/authorization and accounting are