[x]

HWTACACS configuration commands > secondary authorization

 

 Next

secondary authorization

Syntax

secondary authorization ip-address [ port-number | key [ cipher | simple ] key ] *

undo secondary authorization [ ip-address ]

View

HWTACACS scheme view

Default level

2: System level

Parameters

ip-address: IP address of the secondary HWTACACS authorization server, in dotted decimal notation. The default setting is 0.0.0.0.

port-number: Service port number of the secondary HWTACACS authorization server. It ranges from 1 to 65535 and defaults to 49.

key { cipher | simple } key: Sets the shared key for secure communication with the secondary HWTACACS authorization server.

Description

Use secondary authorization to specify the secondary HWTACACS authorization server.

Use undo secondary authorization to remove the configuration.

By default, no secondary HWTACACS authorization server is specified.

The IP addresses of the primary and secondary authorization servers cannot be the same. Otherwise, the configuration fails.

If you configure the command repeatedly, only the last configuration takes effect.

You can remove an authorization server only when it is not used by any active TCP connection to send authorization packets. Removing an authorization server affects only authorization processes that occur after the remove operation.

Related commands: display hwtacacs.

Examples

# Configure the secondary authorization server 10.163.155.13 with TCP port number 49.

<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] secondary authorization 10.163.155.13 49

prev

 

up

 next

secondary authentication (HWTACACS scheme view) 

home

 stop-accounting-buffer enable (HWTACACS scheme view)

© Copyright 2016 Hewlett Packard Enterprise Development LP