nas-ip (HWTACACS scheme view)
Syntax
nas-ip ip-address
undo nas-ip
View
HWTACACS scheme view
Default level
2: System level
Parameters
ip-address: IP address in dotted decimal notation. It must be an address of the switch and cannot be 0.0.0.0, 255.255.255.255, a class D address, a class E address, or a loopback address.
Description
Use nas-ip to specify a source address for outgoing HWTACACS packets.
Use undo nas-ip to restore the default.
By default, the source IP address of an outgoing HWTACACS packet is configured by the hwtacacs nas-ip command in system view. If the hwtacacs nas-ip command is not configured, the source IP address is the IP address of the outbound interface.
The source IP address of HWTACACS packets that a NAS sends must match the IP address of the NAS that is configured on the HWTACACS server. An HWTACACS server identifies a NAS by IP address. Upon receiving an HWTACACS packet, an HWTACACS server checks whether the source IP address of the packet is the IP address of any managed NAS. If yes, the server processes the packet. If not, the server drops the packet.
If you configure the command repeatedly, only the last configuration takes effect.
The setting configured by the nas-ip command in HWTACACS scheme view is only for the HWTACACS scheme, whereas that configured by the hwtacacs nas-ip command in system view is for all HWTACACS schemes. The setting in HWTACACS scheme view takes precedence.
Related commands: hwtacacs nas-ip.
Examples
# Set the source address for outgoing HWTACACS packets to 10.1.1.1.
<Sysname> system-view [Sysname] hwtacacs scheme hwt1 [Sysname-hwtacacs-hwt1] nas-ip 10.1.1.1