HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 68
hwtacacs scheme
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 68 highlights
Upon receiving an HWTACACS packet, an HWTACACS server checks whether the source IP address of the packet is the IP address of a managed NAS. If yes, the server processes the packet. If not, the server drops the packet. You can specify up to 16 source IP addresses, including zero or one public-network source IPv4 address, zero or one public-network source IPv6 address, and private-network source IP addresses. A newly specified public-network source IP address overwrites the previous one. Each VPN can have at most one private-network source IPv4 address and one private-network source IPv6 address. The setting configured by using the nas-ip command in HWTACACS scheme view is only for the HWTACACS scheme, whereas that configured by using the hwtacacs nas-ip command in system view is for all HWTACACS schemes. The setting in HWTACACS scheme view takes precedence. Examples # Set the IP address for the device to use as the source address for HWTACACS packets to 129.10.10.1. system-view [Sysname] hwtacacs nas-ip 129.10.10.1 Related commands nas-ip (HWTACACS scheme view) hwtacacs scheme Use hwtacacs scheme to create an HWTACACS scheme and enter its view. Use undo hwtacacs scheme to delete an HWTACACS scheme. Syntax hwtacacs scheme hwtacacs-scheme-name undo hwtacacs scheme hwtacacs-scheme-name Default No HWTACACS scheme exists. Views System view Predefined user roles network-admin Parameters hwtacacs-scheme-name: HWTACACS scheme name, a case-insensitive string of 1 to 32 characters. Usage guidelines An HWTACACS scheme can be referenced by more than one ISP domain at the same time. You can configure up to 16 HWTACACS schemes. Examples # Create an HWTACACS scheme named hwt1 and enter its view. system-view [Sysname] hwtacacs scheme hwt1 [Sysname-hwtacacs-hwt1] 59