R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101
152
# Configure the Ethernet ports. (Omitted)
# Configure HWTACACS scheme system.
• From the navigation tree, select User > HWTACACS > Server Configuration.
• Click Add in the right pane.
# Configure the HWTACACS authentication server.
After creating the HWTACACS scheme named system, the HWTACACS server configuration interface
appears.
• Select Authentication Server as the server type.
• Enter 10.110.91.146 as the IP address of the primary server, and 49 as the TCP port of the primary
server.
• Check the Shared Key check box, enter expert as the shared key, and then confirm it.
• Click Apply to finish the configuration.
# Configure the HWTACACS authorization server as follows:
• Select Authorization Server as the server type.
• Enter 10.110.91.146 as the IP address of the primary server, and 49 as the TCP port of the primary
server.
• Check the Shared Key check box, enter expert as the shared key, and then confirm it.
• Click Apply to finish the setting.
# Configure the HWTACACS accounting server as follows:
• Select Accounting Server as the server type.
• Enter 10.110.91.146 as the IP address of the primary server, and 49 as the TCP port of the primary
server.
• Check the Shared Key check box, enter expert as the shared key, and then confirm it.
# Configure the parameters for communication between the firewall and the HWTACACS server as
follows:
• From the navigation tree, select User
> HW
TACACS > Parameter Configuration.
• Select without-domain for the username format.
• Click Apply to finish the setting.
Configuring HWTACACS schemes in the CLI
NOTE:
You cannot remove the HWTACACS schemes in use or change the IP addresses of the HWTACACS
servers in use.
HWTACACS configuration task list
Task Remarks
Creating an HWTACACS scheme Required
Specifying the HWTACACS authentication servers Required
Specifying the HWTACACS authorization servers Optional