3Com Switch 8800 Family Configuration Guide
Configuring HWTACACS Protocol 257
By default, no HWTACACS scheme exists.
If the HWTACACS scheme you specify does not exist, the system creates it and
enters HWTACACS view. In HWTACACS view, you can configure the HWTACACS
scheme specifically.
The system supports up to 16 HWTACACS schemes. You can only delete the
schemes that are not being used.
Configuring HWTACACS
Authentication Servers
Perform the following configuration in HWTACACS view.
The primary and secondary authentication servers cannot use the same IP address.
The default port number is 49.
If you execute this command repeatedly, the new settings will replace the old
settings.
A TACACS scheme authentication server can be deleted only when no Active TCP
connection used to send authentication packets is using the server.
Configuring HWTACACS
Authorization Servers
Perform the following configuration in HWTACACS view.
Tab le 229 Create a HWTACACS scheme
Operation Command
Create a HWTACACS scheme and enter
HWTACACS view
hwtacacs scheme hwtacacs-scheme-name
Delete a HWTACACS scheme
undo hwtacacs scheme
hwtacacs-scheme-name
Tab le 230 Configure HWTACACS authentication servers
Operation Command
Configure the HWTACACS primary
authentication server
primary authentication ip-address [
port-number ]
Delete the HWTACACS primary
authentication server
undo primary authentication
Configure the HWTACACS secondary
authentication server
secondary authentication ip-address [
port-number ]
Delete the HWTACACS secondary
authentication server
undo secondary authentication
Tab le 231 Configure HWTACACS authorization servers
Operation Command
Configure the primary HWTACACS
authorization server
primary authorization ip-address [
port-number ]
Delete the primary HWTACACS authorization
server
undo primary authorization
Configure the secondary HWTACACS
authorization server
secondary authorization ip-address [
port-number ]
Delete the secondary HWTACACS
authorization server
undo secondary authorization