R3721-F3210-F3171-HP High-End Firewalls Access Control Command Reference-6PW101
155
return
# Set the shared key for HWTACACS accounting packets to plain text hello for HWTACACS scheme
hwt1 and specify to display the key in cipher text.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] key accounting hello
[Sysname-hwtacacs-hwt1] display this
#
hwtacacs scheme hwt1
key accounting cipher IT8Q4sHnitM=
#
return
# Set the shared key for HWTACACS accounting packets to cipher text KWk+qJsfs9M= for HWTACACS
scheme hwt1 and specify to display the key in cipher text.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] key accounting cipher KWk+qJsfs9M=
[Sysname-hwtacacs-hwt1] display this
#
hwtacacs scheme hwt1
key accounting cipher KWk+qJsfs9M=
#
return
nas-ip (HWTACACS scheme view)
Syntax
nas-ip ip-address
undo nas-ip
View
HWTACACS scheme view
Default level
2: System level
Parameters
ip-address: IP address in dotted decimal notation. It must be an address of the firewall and cannot be
0.0.0.0, 255.255.255.255, a class D address, a class E address, or a loopback address.
Description
Use nas-ip to specify a source address for outgoing HWTACACS packets.
Use undo nas-ip to restore the default.
By default, the source IP address of an outgoing HWTACACS packet is configured by the hwtacacs
nas-ip command in system view; if the hwtacacs nas-ip command is not configured, the source IP
address is the IP address of the outbound interface.
The source IP address of HWTACACS packets that a NAS sends must match the IP address of the NAS
that is configured on the HWTACACS server. An HWTACACS server identifies a NAS by IP address.