Displaying and debugging tacacs, Implementing aaa using tacacs, 5 displaying and debugging tacacs – 3Com 10014303 User Manual

2.5 Displaying and Debugging TACACS+

Execute the following commands in all views.

Table 2-7 Display and debug AAA and RADIUS

Operation

Command

Display all the accounting details.

display hwtacacs accounting [ verbose ]

Display all the router-TACACS+
interaction details.

display hwtacacs server [ verbose ]

Clear all the accounting details.

reset hwtacacs accounting statistics

Clear all the router-TACACS+
interaction details.

reset hwtacacs server statistics

Enable the debugging of AAA
implemented using TACACS+

debugging hwtacacs { authentication | authorization |
accounting } [ packet ] [ user user-name ][ interface
interface-name ]

Disable the debugging of AAA
implemented using TACACS+

undo debugging hwtacacs { authentication | authorization |
accounting } [ packet ] [ user user-name ][ interface
interface-name ]

2.6 Implementing AAA Using TACACS+

Use TACACS+ to implement AAA on PPP and login users.

Router

TACACS+ server

10.110.1.1

TACACS+ server

10.110.1.2

ISDN\PSTN

Dial-up user

Terminal user

S0:

168.1.1.1

E1:192.10.1.1

E0:

10.110.1.10

192.10.1.0/24

Accessed network

Router

TACACS+ server

10.110.1.1

TACACS+ server

10.110.1.2

ISDN\PSTN

Dial-up user

Terminal user

S0:

168.1.1.1

E1:192.10.1.1

E0:

10.110.1.10

192.10.1.0/24

Accessed network

Figure 2-4 Networking for the AAA implementation using TACACS+

To configure TACACS+:

1

Create a TACACS+ server group and add TACACS+ servers into it.

[3Com] HWTACACS-server template tactemplate1

[3Com-HWTACACS-tactemplate1]host ip 10.110.1.1 authen-primary

[3Com-HWTACACS-tactemplate1]host ip 10.110.1.1 author-primary

[3Com-HWTACACS-tactemplate1]host ip 10.110.1.1 account-primary

[3Com-HWTACACS-tactemplate1]host ip 10.110.1.2

3Com Router Configuration Guide Addendum for V1.20

23