HP MSR2000/3000/4000 Router Series Security Command Reference
6
Syntax
In non-FIPS mode:
accounting login { hwtacacs-scheme hwtacacs-scheme-name [ radius-scheme radius-scheme-name ]
[ local ] [ none ] | local [ none ] | none | radius-scheme radius-scheme-name [ hwtacacs-scheme
hwtacacs-scheme-name ] [ local ] [ none ] }
undo accounting login
In FIPS mode:
accounting login { hwtacacs-scheme hwtacacs-scheme-name [ radius-scheme radius-scheme-name ]
[ local ] | local | radius-scheme radius-scheme-name [ hwtacacs-scheme hwtacacs-scheme-name ]
[ local ] }
undo accounting login
Default
The default accounting method of the ISP domain is used for login users.
Views
ISP domain view
Predefined user roles
network-admin
Parameters
hwtacacs-scheme hwtacacs-scheme-name: Specifies an HWTACACS scheme by its name, a
case-insensitive string of 1 to 32 characters.
local: Performs local accounting.
none: Does not perform accounting.
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive string of
1 to 32 characters.
Usage guidelines
Accounting is not supported for login users who use FTP.
You can specify multiple default accounting methods, one primary and multiple backup methods. When
the primary method is invalid, the device attempts to use the backup methods in sequence. For example,
the accounting login radius-scheme radius-scheme-name local none command specifies a primary
default RADIUS accounting method and two backup accounting methods, local accounting and no
accounting. With this command, the device performs RADIUS accounting by default, performs local
accounting when the RADIUS server is invalid, and does not perform accounting when both of the
previous methods are invalid.
Examples
# Configure ISP domain test to use local accounting for login users.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] accounting login local
# Configure ISP domain test to use RADIUS scheme rd for login user accounting and use local
accounting as the backup.
<Sysname> system-view