华为模板示例
配置hwtacacs模板:
配置hwtacacs模板
hwtacacs-server template wh_szrcb
hwtacacs-server authentication 194.2.17.21
hwtacacs-server authentication 194.2.17.22 secondary
hwtacacs-server authorization 194.2.17.21
hwtacacs-server authorization 194.2.17.22 secondar
hwtacacs-server accounting 194.2.17.21
hwtacacs-server accounting 194.2.17.22 secondary
hwtacacs-server shared-key cipher ??? // ********此处需要填写**********
配置认证方案
aaa
authentication-scheme wh_szrcb
authentication-mode hwtacacs local
authorization-scheme wh_szrcb
authorization-mode hwtacacs local
accounting-scheme wh_szrcb
accounting-mode hwtacacs
accounting start-fail online
domain wh_szrcb
authentication-scheme wh_szrcb
accounting-scheme wh_szrcb
authorization-scheme wh_szrcb
hwtacacs-server wh_szrcbdo
配置全局默认域(适情况配置)
domain wh_szrcb admin
华三模板示例
hwtacacs scheme wh_szrcb
primary authentication 194.2.17.21
secondary authentication 194.2.17.22
primary authorization 194.2.17.21
secondary authorization 194.2.17.22
primary accounting 194.2.17.21
secondary accounting 194.2.17.22
nas-ip 194.2.34.249
key authentication cipher // ********此处需要填写**********
key authorization cipher // ********此处需要填写**********
key accounting cipher // ********此处需要填写**********
user-name-format without-domain
#
domain wh_szrcb
authentication login hwtacacs-scheme wh_szrcb local
authorization login hwtacacs-scheme wh_szrcb local
accounting login hwtacacs-scheme wh_szrcb local
authorization command hwtacacs-scheme wh_szrcb
default-limit disable
state active
idle-cut disable
self-service-url disable
accounting optional
