2.5 Displaying and Debugging TACACS+
Execute the following commands in all views.
Table 2-7 Display and debug AAA and RADIUS
Operation Command
Display all the accounting details.
display hwtacacs accounting
[
verbose
]
Display all the router-TACACS+
interaction details.
display hwtacacs server
[
verbose
]
Clear all the accounting details.
reset hwtacacs accounting statistics
Clear all the router-TACACS+
interaction details.
reset hwtacacs server statistics
Enable the debugging of AAA
implemented using TACACS+
debugging hwtacacs
{
authentication
|
authorization
|
accounting
} [
packet
] [
user user-name
][
interface
interface-name
]
Disable the debugging of AAA
implemented using TACACS+
undo debugging hwtacacs
{
authentication
|
authorization
|
accounting
} [
packet
] [
user user-name
][
interface
interface-name
]
2.6 Implementing AAA Using TACACS+
Use TACACS+ to implement AAA on PPP and login u se rs.
Router
TACACS + server
10.110.1.1
TACACS + server
10.110.1.2
ISDN\PST N
Dial-up user
Terminal user
S0:
168.1.1.1
E1:192.10.1.1
E0:
10.110.1.10
192.10.1.0/24
Accessed network
Router
TACACS + server
10.110.1.1
TACACS + server
10.110.1.2
ISDN\PST N
Dial-up user
Terminal user
S0:
168.1.1.1
E1:192.10.1.1
E0:
10.110.1.10
192.10.1.0/24
Accessed network
Figure 2-4 Networking for the AAA implementation using TACACS+
To configure TACACS+:
1 Create a TACACS+ server group and add TACACS+ servers into it.
[3Com] HWTACACS-server template tactemplate1
[3Com-HWTACACS-tactemplate1]host ip 10.110.1.1 authen-primary
[3Com-HWTACACS-tactemplate1]host ip 10.110.1.1 author-primary
[3Com-HWTACACS-tactemplate1]host ip 10.110.1.1 account-primary
[3Com-HWTACACS-tactemplate1]host ip 10.110.1.2
3Com Router Configuration Guide Addendum for V1.20
23