3Com Switch 8800 Advanced Software V5 Configuration Guide
886 CHAPTER 70: AAA, RADIUS AND HWTACACS CONFIGURATION
In a typical HWTACACS application, a terminal user needs to log onto the device
for operations. Working as the HWTACACS client, the device sends the username
and password to the HWTACACS server for authentication. After passing
authentication and being authorized, the user can log onto the device to perform
operations, as shown in
Figure 260.
Figure 260 Network diagram for a typical HWTACACS application
Basic message exchange process of HWTACACS
The following takes Telnet user as an example to describe how HWTACACS
performs user authentication, authorization, and accounting.
Figure 261 illustrates
the basic message exchange process of HWTACACS.
Suitable for security control Suitable for
accounting
Supports authorized use of configuration commands Does not support
authorized use of
configuration
commands
Table 38 Primary differences between HWTACACS and RADIUS
HWTACACS RADIUS
Host
HWTACACS client
HWTACACS server
HWTACACS serve
r