Hwtacacs configuration, Hwtacacs overview, Configuring hwtacacs – H3C Technologies H3C WA3600 Series Access Points User Manual

219

HWTACACS configuration

HWTACACS overview

HW Terminal Access Controller Access Control System (HWTACACS) is an enhanced security protocol

based on TACACS (RFC 1492). Similar to RADIUS, it uses a client/server (C/S) model for information
exchange between network access server (NAS) and HWTACACS server.
HWTACACS is mainly used to provide AAA services for Point-to-Point Protocol (PPP) users, Virtual Private

Dial-up Network (VPDN) users, and terminal users. In a typical HWTACACS scenario, some terminal

users need to log in to the NAS for operations. Working as the HWTACACS client, the NAS sends the
usernames and passwords of the users to the HWTACACS sever for authentication. After passing

authentication and being authorized, the users log in to the device and performs operations, and the

HWTACACS server records the commands that each user performs.

NOTE:

For more information about HWTACACS, see

H3C WA Series WLAN Access Points Security

Configuration Guide.

Configuring HWTACACS

NOTE:

The HWTACACS scheme configured through the Web interface is named system.

Recommended configuration procedure

Step Remarks

1. Creating HWTACACS

scheme system

Required.
Create an HWTACACS scheme named system.
By default, no HWTACACS scheme exists.

2. Configuring

HWTACACS servers

Authentication server and authorization server are mandatory and accounting
server is optional.
Specify the primary and secondary HWTACACS
authentication/authorization/accounting servers.
By default, no server is specified.

IMPORTANT:

If redundancy is not required, specify only the primary HWTACACS

authentication server.