616 CHAPTER 33: HWTACACS CONFIGURATION
Pay attention to the following when configuring a TACACS server:
HWTACACS server does not check whether a scheme is being used by users when
changing most of HWTACACS attributes, unless you delete the scheme.
By default, the TACACS server has no key.
In the above configuration tasks, creating HWTACACS scheme and configuring
TACACS authentication/authorization server are required; all other tasks are optional
and you can determine whether to perform these configurations as needed.
Creating a HWTACAS
Scheme
As afore mentioned, HWTACACS protocol is configured scheme by scheme.
Therefore, you must create a HWTACACS scheme and enter HWTACACS view before
you perform other configuration tasks.
Perform the following configuration in system view.
By default, no HWTACACS scheme exists.
If the HWTACACS scheme you specify does not exist, the system creates it and enters
HWTACACS view.
The system supports up to 16 HWTACACS schemes. You can only delete the schemes
that are not being used.
Setting the
Username
Format
Acceptable to
the TACACS
Server
Setting the
username format for
the TACACS server
user-name-
format
HWTACACS Configuring the
format of user name
Setting the Unit
of Data Flows
Destined for the
TACACS Server
Setting the data flow
unit for the TACACS
server
data-flow-format HWTACACS Configuring flow
traffic unit
Setting Timers
Regarding
TACACS Server
Setting the timers of
the TACACS server
timer
response-timeout
HWTACACS Setting the TACACS
server response
timeout time
timer quiet HWTACACS Setting the waiting
time before the
primary TACACS
server resumes the
active state
timer realtime-
accounting
HWTACACS Setting the real-time
accounting interval
Table671 HWTACACS configuration (continued)
Section Task Command View Description
Table672 Creating a HWTACACS scheme
Operation Command
Create a HWTACACS scheme and enter
HWTACACS view.
hwtacacs scheme hwtacacs-scheme-name
Delete a HWTACACS scheme. undo hwtacacs scheme
hwtacacs-scheme-name