Introduction to hwtacacs, What is hwtacacs – H3C Technologies H3C S3600 Series Switches User Manual
Page 513
1-6
Type field value
Attribute type
Type field value
Attribute type
11 Filter-ID
33 Proxy-State
12 Framed-MTU
34 Login-LAT-Service
13 Framed-Compression
35 Login-LAT-Node
14 Login-IP-Host
36 Login-LAT-Group
15 Login-Service
37 Framed-AppleTalk-Link
16 Login-TCP-Port
38 Framed-AppleTalk-Network
17 (unassigned)
39 Framed-AppleTalk-Zone
18 Reply-Message
40-59
(reserved
for
accounting)
19 Callback-Number
60 CHAP-Challenge
20 Callback-ID
61 NAS-Port-Type
21 (unassigned)
62 Port-Limit
22 Framed-Route
63 Login-LAT-Port
The RADIUS protocol has good scalability. Attribute 26 (Vender-Specific) defined in this protocol allows
a device vendor to extend RADIUS to implement functions that are not defined in standard RADIUS.
depicts the format of attribute 26. The Vendor-ID field used to identify a vendor occupies four
bytes, where the first byte is 0, and the other three bytes are defined in RFC 1700. Here, the vendor can
encapsulate multiple customized sub-attributes (containing vendor-specific Type, Length and Value) to
implement a RADIUS extension.
Figure 1-4 Vendor-specific attribute format
Type
……
Length
0
7
Vendor-ID
7
15
31
Vendor-ID
Type (specified)
Length (specified)
Specified attribute value……
Introduction to HWTACACS
What is HWTACACS
Huawei Terminal Access Controller Access Control System (HWTACACS) is an enhanced security
protocol based on TACACS (RFC 1492). Similar to the RADIUS protocol, it implements AAA for
different types of users (such as PPP, VPDN, and terminal users) through communicating with TACACS
server in client-server mode.
Compared with RADIUS, HWTACACS provides more reliable transmission and encryption, and
therefore is more suitable for security control.
lists the primary differences between
HWTACACS and RADIUS.