HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 89

primary authorization Syntax primary authorization ip-address [ port-number | vpn-instance vpn-instance-name ] * View undo primary authorization HWTACACS scheme view Default level 2: System level Parameters ip-address: IP address of the primary HWTACACS authorization server, in dotted decimal notation. The default setting is 0.0.0.0. port-number: Service port number of the primary HWTACACS authorization server. It ranges from 1 to 65535 and defaults to 49. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the primary HWTACACS authorization server belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the server is on the public network, do not specify this option. Description Use primary authorization to specify the primary HWTACACS authorization server. Use undo primary authorization to remove the configuration. By default, no primary HWTACACS authorization server is specified. The IP addresses of the primary and secondary authorization servers must be different. Otherwise, the configuration fails. If the specified server resides on an MPLS VPN, specify the VPN by using the vpn-instance vpn-instance-name option. The VPN specified by this command takes precedence over the VPN specified for the HWTACACS scheme. If you configure the command repeatedly, only the last configuration takes effect. You can remove an authorization server only when it is not used by any active TCP connection to send authorization packets. Removing an authorization server affects only authorization processes that occur after the remove operation. Related commands: display hwtacacs and vpn-instance (HWTACACS scheme view). Examples # Configure the IP address and port number of the primary authorization server for HWTACACS scheme hwt1 as 10.163.155.13 and 49. system-view [Sysname] hwtacacs scheme hwt1 [Sysname-hwtacacs-hwt1] primary authorization 10.163.155.13 49 80