beautypg.com

Configuring tacacs accounting servers, Configuring tacacs accounting servers -20 – H3C Technologies H3C WX3000 Series Unified Switches User Manual

Page 272

background image

25-20

To do…

Use the command…

Remarks

Create a HWTACACS scheme and
enter its view

hwtacacs scheme

hwtacacs-scheme-name

Required
By default, no HWTACACS
scheme exists.

Set the IP address and port
number of the primary TACACS
authorization server

primary authorization ip-address

[ port ]

Required
By default, the IP address of the
primary authorization server is
0.0.0.0, and the port number is 0.

Set the IP address and port
number of the secondary TACACS
authorization server

secondary authorization
ip-address

[ port ]

Optional
By default, the IP address of the
secondary authorization server is
0.0.0.0, and the port number is 0.

z

You are not allowed to configure the same IP address for both primary and secondary authorization
servers. If you do this, the system will prompt that the configuration fails.

z

You can remove a server only when it is not used by any active TCP connection for sending
authorization messages.

Configuring TACACS Accounting Servers

Follow these steps to configure TACACS accounting servers:

To do…

Use the command…

Remarks

Enter system view

system-view

Create a HWTACACS scheme and
enter its view

hwtacacs scheme

hwtacacs-scheme-name

Required
By default, no HWTACACS scheme exists.

Set the IP address and port
number of the primary TACACS
accounting server

primary accounting

ip-address

[ port ]

Required
By default, the IP address of the primary
accounting server is 0.0.0.0, and the port
number is 0.

Set the IP address and port
number of the secondary TACACS
accounting server

secondary accounting

ip-address

[ port ]

Required
By default, the IP address of the secondary
accounting server is 0.0.0.0, and the port
number is 0.

Enable the stop-accounting
message retransmission function
and set the maximum number of
transmission attempts of a buffered
stop-accounting message

retry stop-accounting

retry-times

Optional
By default, the stop-accounting messages
retransmission function is enabled and the
system can transmit a buffered
stop-accounting request for 100 times.

See also other documents in the category H3C Technologies Routers: