To do…

 

Use the command…

 

Remarks

 

 

 

 

 

 

 

Required

 

 

 

Set the IP address and port

 

primary authentication

 

By default, the IP address of

 

 

 

number of the primary

 

 

the primary authentication

 

 

 

 

ip-address [ port ]

 

 

 

 

TACACS authentication server

 

 

server is 0.0.0.0, and the port

 

 

 

 

 

 

 

 

 

 

 

 

 

number is 0.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Optional

 

 

 

Set the IP address and port

 

secondary authentication

 

By default, the IP address of

 

 

 

number of the secondary

 

 

the secondary authentication

 

 

 

 

ip-address [ port ]

 

 

 

 

TACACS authentication server

 

 

server is 0.0.0.0, and the port

 

 

 

 

 

 

 

 

 

 

 

 

 

number is 0.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

z

z

You are not allowed to configure the same IP address for both primary and secondary authentication servers. If you do this, the system will prompt that the configuration fails.

You can remove an authentication server setting only when there is no active TCP connection that is sending authentication messages to the server.

Configuring TACACS Authorization Servers

Follow these steps to configure TACACS authorization servers:

To do…

Use the command…

Remarks

Enter system view

system-view

 

 

 

Create a HWTACACS scheme

hwtacacs scheme

Required

By default, no HWTACACS

and enter its view

hwtacacs-scheme-name

scheme exists.

 

 

 

 

 

 

 

Required

Set the IP address and port

primary authorization

By default, the IP address of

number of the primary

the primary authorization

ip-address [ port ]

TACACS authorization server

server is 0.0.0.0, and the port

 

 

 

number is 0.

 

 

 

 

 

Optional

Set the IP address and port

secondary authorization

By default, the IP address of

number of the secondary

the secondary authorization

ip-address [ port ]

TACACS authorization server

server is 0.0.0.0, and the port

 

 

 

number is 0.

 

 

 

2-21

Page 280
Image 280
3Com WX3000 Configuring Tacacs Authorization Servers, Ip-address port, Primary authorization, Secondary authorization