R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101

149

Task Remarks

Secondary Server IP

Type the IP address of the secondary server

When no secondary server is specified, the secondary server IP and

the secondary server TCP port are empty.

If you leave the IP address text box empty, it means to remove the

secondary server (if configured).

The specified IP address of the primary server cannot be the same as

that of the secondary server. Otherwise, the configuration will fail.

Secondary Server TCP Port

Type the TCP port of the secondary server.

You must configure different TCP port numbers for different service

types.

Shared Key

Type a shared key for the server

Confirm Shared Key

Type the shared key again for confirmation.

Return to HWTACACS configuration task list.

Configuring HWTACACS parameters

When the HWTACACS scheme system exists, select User > HWTACACS > Parameter Configuration from

the navigation tree and configure HWTACACS parameters, as shown in Figure 94.

Figure 94 H

WTACACS parameter configuration

Table 51 HWTACACS parameters

Task Remarks

NAS-IP

Type the source IP address for the firewall to use in HWTACACS

packets to be sent to the HWTACACS server. Use a loopback

interface address instead of a physical interface address as the

source IP address to ensure that the response packets from the server

can reach the firewall when the physical interface is down.