beautypg.com

Displaying and maintaining hwtacacs, Configuring aaa methods for isp domains, Configuring aaa – H3C Technologies H3C SecBlade LB Cards User Manual

Page 82: Methods for isp domains

background image

71

real-time accounting, the device must send periodically real-time accounting packets to the

accounting server for online users.

Consider the performance of the NAS and the HWTACACS server when you set the real-time accounting

interval. A shorter interval requires higher performance.
To set HWTACACS timers:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter HWTACACS scheme

view.

hwtacacs scheme
hwtacacs-scheme-name

N/A

3.

Set the HWTACACS server

response timeout timer.

timer response-timeout
seconds

Optional.
The default HWTACACS server response
timeout timer is 5 seconds.

4.

Set the quiet timer for the

primary server.

timer quiet minutes

Optional.
The default quiet timer for the primary
server is 5 minutes.

5.

Set the real-time accounting

interval.

timer realtime-accounting
minutes

Optional.
The default real-time accounting interval is
12 minutes.

Displaying and maintaining HWTACACS

Task Command

Remarks

Display the configuration or statistics of
HWTACACS schemes.

display hwtacacs [ hwtacacs-server-name
[ statistics ] ] [ | { begin | exclude | include }
regular-expression ]

Available in
any view.

Display information about buffered
stop-accounting requests for which no

responses have been received.

display stop-accounting-buffer hwtacacs-scheme
hwtacacs-scheme-name [ | { begin | exclude |

include } regular-expression ]

Available in
any view.

Clear HWTACACS statistics.

reset hwtacacs statistics { accounting | all |
authentication | authorization }

Available in
user view.

Clear buffered stop-accounting
requests that get no responses.

reset stop-accounting-buffer hwtacacs-scheme
hwtacacs-scheme-name

Available in
user view.

Configuring AAA methods for ISP domains

By default, the device uses local (default) AAA methods for users in an ISP domain. To use other AAA
methods for them, configure the device to reference existing AAA schemes for the ISP domain. For

information about configuring AAA schemes, see "

Configuring RADIUS schemes

" and "

Configuring

HWTACACS schemes

."

To use local authentication for users in an ISP domain, first configure local user accounts on the device

(see "

Configuring local user attributes

").

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: