Operation Manual – AAA-RADIUS-HWTACACS
H3C S3610&S5510 Series Ethernet Switches
Chapter 1 AAA/RADIUS/HWTACACS
Configuration
1-37
To do…
Use the command…
Remarks
Set the shared keys for
HWTACACS
authentication,
authorization, and
accounting packets
key
{
accounting
|
authentication
|
authorization
}
string
Required
No shared key exists by
default.
1.5.6 Configuring Attributes Related to the Data Sent to the TACACS Server
Follow these steps to configure the attributes related to the data sent to the
HWTACACS server:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a HWTACACS
scheme and enter
HWTACACS scheme view
hwtacacs scheme
hwtacacs-scheme-name
Required
Not defined by default
Specify the format of the
username to be sent to a
HWTACACS server
user-name-format
{
with-domain
|
without-domain
}
Optional
By default, the ISP
domain name is included
in the username.
Specify the unit for data
flows or packets to be sent
to a HWTACACS server
data-flow-format
{
data
{
byte
|
giga-byte
|
kilo-byte
|
mega-byte
} |
packet
{
giga-packet
|
kilo-packet
|
mega-packet
|
one-packet
} }
*
Optional
The defaults are as
follows:
byte
for data flows, and
one-packet
for data
packets.
In
HWTACAC
S scheme
view
nas-ip ip-address
quit
Set the
source IP
address of
the device
to send
HWTACAC
S packets
In system
view
hwtacacs nas-ip
ip-address
Use either command
By default, the outbound
port serves as the source
IP address to send
HWTACACS packets