4000 Router Series Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router

Setting HWTACACS timers

The device uses the following timers to control communication with an HWTACACS server:

• Server response timeout timer (response-timeout)—Defines the HWTACACS request

retransmission interval. The timer starts immediately after an HWTACACS authentication,

authorization, or accounting request is sent. If the device does not receive a response from the

server before the timer expires, it resends the request.

• Server quiet timer (quiet)—Defines the duration to keep an unreachable server in blocked state. If

a server is not reachable, the device changes the server's status to blocked, starts this timer for the

server, and tries to communicate with another server in active state. After the server quiet timer

expires, the device changes the status of the server back to active.

• Real-time accounting timer (realtime-accounting)—Defines the interval for the device to send

real-time accounting updates to the HWTACACS accounting server for online users. To implement

real-time accounting, the device must periodically send real-time accounting packets for online

users to the accounting server.

To set HWTACACS timers:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter HWTACACS scheme

view.

hwtacacs scheme

hwtacacs-scheme-name

N/A

3. Set the HWTACACS server

response timeout timer.

timer response-timeout seconds

By default, the HWTACACS server

response timeout timer is 5

seconds.

This command is not supported in

this software version and is

reserved for future support.

4. Set the server quiet timer.

timer quiet minutes

By default, the server quiet timer is

5 minutes.

5. Set the real-time accounting

interval.

timer realtime-accounting minutes

By default, the real-time accounting

interval is 12 minutes.

Consider the performance of the

NAS and the HWTACACS server

when you set the real-time

accounting interval. A short

interval helps improve accounting

precision but requires many system

resources.

Displaying and maintaining HWTACACS

Execute the display command in any view and the reset command in user view.

Task Command

Display the configuration or server

statistics of HWTACACS schemes.

display hwtacacs scheme [ hwtacacs-server-name [ statistics ]

Clear HWTACACS statistics.

reset hwtacacs statistics { accounting | all | authentication |

authorization }