H3C S7500E Series Ethernet Switches Operation Manual
Operation Manual – AAA RADIUS HWTACACS
H3C S7500E Series Ethernet Switches
Chapter 1 AAA/RADIUS/HWTACACS
Configuration
1-36
To do… Use the command… Remarks
Specify the format of the
username to be sent to a
HWTACACS server
user-name-format
{ with-domain |
without-domain }
Optional
By default, the ISP
domain name is included
in the username.
Specify the unit for data
flows or packets to be sent
to a HWTACACS server
data-flow-format { data
{ byte | giga-byte |
kilo-byte | mega-byte } |
packet { giga-packet |
kilo-packet |
mega-packet |
one-packet } }*
Optional
The defaults are as
follows:
byte for data flows, and
one-packet for data
packets.
In
HWTACAC
S scheme
view
nas-ip ip-address
quit
Set the
source IP
address of
the device
to send
HWTACAC
S packets
In system
view
hwtacacs nas-ip
ip-address
Use either command
By default, the outbound
port serves as the source
IP address to send
HWTACACS packets
Note:
z If a HWTACACS server does not support a username with the domain name, you
can configure the device to remove the domain name before sending the username
to the server.
z The nas-ip command in HWTACACS scheme view is only for the current
HWTACACS scheme, while the hwtacacs nas-ip command in system view is for all
HWTACACS schemes. However, the nas-ip command in HWTACACS scheme
view overwrites the configuration of the hwtacacs nas-ip command.
1.5.7 Setting Timers Regarding HWTACACS Servers
Follow these steps to set timers regarding HWTACACS servers:
To do… Use the command… Remarks
Enter system view
system-view
—
Create a HWTACACS
scheme and enter
HWTACACS scheme
view
hwtacacs scheme
hwtacacs-scheme-name
Required
Not defined by default
Set the HWTACACS
server response timeout
timer
timer response-timeout
seconds
Optional
5 seconds by default