H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 52

NOTE:
•

An HWTACACS server can function as the primary authorization server of one scheme and as the
secondary authorization server of another scheme at the same time.

•

The IP addresses of the primary and secondary authorization servers cannot be the same. Otherwise,
the configuration fails.

•

You can remove an authorization server only when no active TCP connection for sending authorization
packets is using it.

Specifying the HWTACACS accounting servers and the relevant parameters

You can specify one primary accounting server and one secondary accounting server for an

HWTACACS scheme so that the NAS can find a server for user accounting when using the scheme.

When the primary server is not available, the secondary server is used, if any. In a scenario where
redundancy is not required, specify only the primary server.
When the device receives a connection teardown request from a host or a connection teardown

command from an administrator, it sends a stop-accounting request to the accounting server. You can

enable buffering of non-responded stop-accounting requests to allow the device to buffer and resend a

stop-accounting request until it receives a response or the number of stop-accounting attempts reaches
the configured limit. In the latter case, the device discards the packet.
To specify HWTACACS accounting servers and set relevant parameters for an HWTACACS scheme:

Step Command

Remarks

Enter system view.

system-view

N/A

Enter HWTACACS scheme

view.

hwtacacs scheme
hwtacacs-scheme-name

N/A

Specify HWTACACS
accounting servers.

•

Specify the primary HWTACACS

accounting server:
primary accounting ip-address

[ port-number ] *

•

Specify the secondary HWTACACS

accounting server:

secondary accounting ip-address

[ port-number ] *

Configure at least one
command.
No accounting server is

specified by default.

Enable buffering of
stop-accounting requests to

which no responses are
received.

stop-accounting-buffer enable

Optional.
Enabled by default.

Set the maximum number of

stop-accounting attempts.

retry stop-accounting retry-times

Optional.
100 by default.

This manual is related to the following products:

H3C WX5500E Series Access Controllers H3C WX3500E Series Access Controllers H3C WX2500E Series Access Controllers H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C LSWM1WCM10 Access Controller Module H3C LSUM3WCMD0 Access Controller Module H3C LSUM1WCME0 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C WA3600 Series Access Points H3C WA2600 Series WLAN Access Points H3C S10500 Series Switches H3C S5800 Series Switches H3C S5820X Series Switches H3C S12500 Series Switches H3C S9500E Series Switches H3C MSR 5600 H3C MSR 50 H3C MSR 3600 H3C MSR 30 H3C MSR 2600 H3C MSR 20-2X[40] H3C MSR 20-1X H3C MSR 930 H3C MSR 900 H3C SR8800 H3C SR6600-X H3C SR6600 H3C SecPath F5020 H3C SecPath F5040 H3C VMSG VFW1000