3Com Switch 8800 Advanced Software V5 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 9400sl 4-Port 10-GbE Module

891

892

893

894

895

896

897

898

899

900

Configuring HWTACACS 905

■ You can remove an authentication server only when no active TCP connection

for sending authentication packets is using it.

Specifying the

HWTACACS

Authorization Servers

Follow these steps to specify the HWTACACS authorization servers:

CAUTION:

■ The IP addresses of the primary and secondary authorization servers cannot be

the same. Otherwise, the configuration fails.

■ You can remove an authorization server only when no active TCP connection

for sending authorization packets is using it.

Specifying the

HWTACACS Accounting

Servers

Follow these steps to specify the HWTACACS accounting servers and perform

related configurations:

To do... Use the command... Remarks

Enter system view system-view -

Create a HWTACACS scheme

and enter HWTACACS

scheme view

hwtacacs scheme

hwtacacs-scheme-name

Required

No HWTACACS scheme exists

by default.

Configure the IP address and

port of the primary

HWTACACS authorization

server

primary authorization

ip-address [ port-number ]

Required

The defaults are as follows:

0.0.0.0 for the IP address, and

49 for the TCP port.

Configure the IP address and

port of the secondary

HWTACACS authorization

server

secondary authorization

ip-address [ port-number ]

Required

The defaults are as follows:

0.0.0.0 for the IP address, and

49 for the TCP port.

To do... Use the command... Remarks

Enter system view system-view -

Create a HWTACACS scheme

and enter HWTACACS

scheme view

hwtacacs scheme

hwtacacs-scheme-name

Required

No HWTACACS scheme exists

by default.

Configure the IP address and

port of the primary

HWTACACS accounting

server

primary accounting

ip-address [ port-number ]

Required

The defaults are as follows:

0.0.0.0 for the IP address, and

49 for the TCP port.

Configure the IP address and

port of the secondary

HWTACACS accounting

server

secondary accounting

ip-address [ port-number ]

Required

The defaults are as follows:

0.0.0.0 for the IP address, and

49 for the TCP port.

Enable the device to buffer

stop-accounting requests

getting no responses

stop-accounting-buffer

enable

Optional

Enabled by default

Set the maximum number of

stop-accounting request

transmission attempts

retry stop-accounting

retry-times

Optional

100 by default