Manualshelf

3Com Switch 8800 Advanced Software V5 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 9400sl 4-Port 10-GbE Module
891892893894895896897898899900
904 CHAPTER 70: AAA, RADIUS AND HWTACACS CONFIGURATION
n
The product of the maximum number of retransmission attempts of RADIUS
packets and the RADIUS server response timeout period cannot be greater
than 75.
To configure the maximum number of retransmission attempts of RADIUS
packets, refer to the command retry in the Switch 8800 Command Reference
Guide.
Configuring
HWTACACS
Creating a HWTACACS
scheme
The HWTACACS protocol is configured on a per scheme basis. Before performing
other HWTACACS configurations, follow these steps to create a HWTACACS
scheme and enter HWTACACS scheme view:
n
Up to 16 HWTACACS schemes can be configured.
A scheme can be deleted only when it is not referenced.
Specifying the
HWTACACS
Authentication Servers
Follow these steps to specify the HWTACACS authentication servers:
n
The IP addresses of the primary and secondary authentication servers cannot
be the same. Otherwise, the configuration fails.
Set the quiet timer for the
primary server
timer quiet minutes Optional
5 minutes by default
Set the real-time accounting
interval
timer realtime-accounting
minutes
Optional
12 minutes by default
To do... Use the command... Remarks
To do... Use the command... Remarks
Enter system view system-view -
Create a HWTACACS scheme
and enter HWTACACS
scheme view
hwtacacs scheme
hwtacacs-scheme-name
Required
No HWTACACS scheme exists
by default.
To do... Use the command... Remarks
Enter system view system-view -
Create a HWTACACS scheme
and enter HWTACACS
scheme view
hwtacacs scheme
hwtacacs-scheme-name
Required
No HWTACACS scheme exists
by default.
Configure the IP address and
port of the primary
HWTACACS authentication
server
primary authentication
ip-address [ port-number ]
Required
The defaults are as follows:
0.0.0.0 for the IP address, and
49 for the TCP port.
Configure the IP address and
port of the secondary
HWTACACS authentication
server
secondary authentication
ip-address [ port-number ]
Required
The defaults are as follows:
0.0.0.0 for the IP address, and
49 for the TCP port.