3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide
Configuring HWTACACS Protocol 47
If the HWTACACS scheme you specify does not exist, the system creates it and
enters HWTACACS view.
In HWTACACS view, you can configure the HWTACACS scheme.
The system supports up to 128 HWTACACS schemes. You can only delete the
schemes that are not being used.
By default, no HWTACACS scheme exists.
Configuring TACACS
Authentication Servers
Perform the following configuration in HWTACACS view.
The primary and secondary authentication servers cannot use the same IP address.
Otherwise, the system will prompt unsuccessful configuration. The default port
number is 49.
If you execute this command repeatedly, the new settings will replace the old
settings.
You can remove a server that cannot be removed otherwise, only when it is not
used by any active TCP connection for sending authentication packets. This delete
does not affect the packets sent before the operation.
Configuring TACACS
Authorization Servers
Perform the following configuration in HWTACACS view.
n
If TACACS authentication is configured for a user without TACACS authorization
server, the user cannot log in regardless of its user type.
Tab le 43 Configure TACACS authentication servers
Operation Command
Configure the TACACS primary
authentication server.
primary authentication ip-address [ port ]
Delete the TACACS primary authentication
server.
undo primary authentication
Configure the TACACS secondary
authentication server.
secondary authentication ip-address [ port ]
Delete the TACACS secondary authentication
server.
undo secondary authentication
Tab le 44 Configure TACACS authorization servers
Operation Command
Configure the primary TACACS authorization
server.
primary authorization ip-address [ port ]
Delete the primary TACACS authorization
server.
undo primary authorization
Configure the secondary TACACS
authorization server.
secondary authorization ip-address [ port ]
Delete the secondary TACACS authorization
server.
undo secondary authorization