< Home

Data Model

The configuration model file matching the HWTACACS server template is huawei-aaa-hwtacacs.yang.

Table 1 Configurations of the HWTACACS server template

Object

Description

Value

Remarks

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/name

Indicates the name of an HWTACACS server template.

The value is a string of 1 to 32 case-insensitive characters, including letters, digits, periods (.), hyphens (-), underscores (_), and a combination of these characters. The value cannot be - or --.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/vsys

Indicates the vsys name.

The value is a string of 1 to 31 characters.

This object is of no significance for a switch.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authentication-server/server-ip-address

Indicates the IP address of the primary HWTACACS authentication server.

The value must be a valid unicast address in dotted decimal notation.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authentication-server/port

Indicates the port number of the primary HWTACACS authentication server.

The value is an integer that ranges from 1 to 65535.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authentication-server/vpn-instance

Indicates the VPN instance to which the primary HWTACACS authentication server belongs.

The value must be the name of an existing VPN instance. For details about how to create a VPN instance, see IP VPN Management.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authentication-server/public-net.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authentication-server/public-net

Indicates whether to connect to the primary HWTACACS authentication server on the public network.

The value is of the Boolean type:

  • true: connects to the server on the public network.
  • false: disconnects from the server on the public network.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authentication-server/vpn-instance.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authentication-server/server-ip-address

Indicates the IP address of the secondary HWTACACS authentication server.

The value must be a valid unicast address in dotted decimal notation.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authentication-server/port

Indicates the port number of the secondary HWTACACS authentication server.

The value is an integer that ranges from 1 to 65535.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authentication-server/vpn-instance

Indicates the VPN instance to which the secondary HWTACACS authentication server belongs.

The value must be the name of an existing VPN instance. For details about how to create a VPN instance, see IP VPN Management.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authentication-server/public-net.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authentication-server/public-net

Indicates whether to connect to the secondary HWTACACS authentication server on the public network.

The value is of the Boolean type:

  • true: connects to the server on the public network.
  • false: disconnects from the server on the public network.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authentication-server/vpn-instance.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authorization-server/server-ip-address

Indicates the IP address of the primary HWTACACS authorization server.

The value must be a valid unicast address in dotted decimal notation.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authorization-server/port

Indicates the port number of the primary HWTACACS authorization server.

The value is an integer that ranges from 1 to 65535.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authorization-server/vpn-instance

Indicates the VPN instance to which the primary HWTACACS authorization server belongs.

The value must be the name of an existing VPN instance. For details about how to create a VPN instance, see IP VPN Management.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authorization-server/public-net.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authorization-server/public-net

Indicates whether to connect to the primary HWTACACS authorization server on the public network.

The value is of the Boolean type:

  • true: connects to the server on the public network.
  • false: disconnects from the server on the public network.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authorization-server/vpn-instance.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authorization-server/server-ip-address

Indicates the IP address of the secondary HWTACACS authorization server.

The value must be a valid unicast address in dotted decimal notation.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authorization-server/port

Indicates the port number of the secondary HWTACACS authorization server.

The value is an integer that ranges from 1 to 65535.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authorization-server/vpn-instance

Indicates the VPN instance to which the secondary HWTACACS authorization server belongs.

The value must be the name of an existing VPN instance. For details about how to create a VPN instance, see IP VPN Management.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authorization-server/public-net.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authorization-server/public-net

Indicates whether to connect to the secondary HWTACACS authorization server on the public network.

The value is of the Boolean type:

  • true: connects to the server on the public network.
  • false: disconnects from the server on the public network.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authorization-server/vpn-instance.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-accounting-server/server-ip-address

Indicates the IP address of the primary HWTACACS accounting server.

The value must be a valid unicast address in dotted decimal notation.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-accounting-server/port

Indicates the port number of the primary HWTACACS accounting server.

The value is an integer that ranges from 1 to 65535.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-accounting-server/vpn-instance

Indicates the VPN instance to which the primary HWTACACS accounting server belongs.

The value must be the name of an existing VPN instance. For details about how to create a VPN instance, see IP VPN Management.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-accounting-server/public-net.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-accounting-server/public-net

Indicates whether to connect to the primary HWTACACS accounting server on the public network.

The value is of the Boolean type:

  • true: connects to the server on the public network.
  • false: disconnects from the server on the public network.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-accounting-server/vpn-instance.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-accounting-server/server-ip-address

Indicates the IP address of the secondary HWTACACS accounting server.

The value must be a valid unicast address in dotted decimal notation.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-accounting-server/port

Indicates the port number of the secondary HWTACACS accounting server.

The value is an integer that ranges from 1 to 65535.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-accounting-server/vpn-instance

Indicates the VPN instance to which the secondary HWTACACS accounting server belongs.

The value must be the name of an existing VPN instance. For details about how to create a VPN instance, see IP VPN Management.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-accounting-server/public-net.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-accounting-server/public-net

Indicates whether to connect to the secondary HWTACACS accounting server on the public network.

The value is of the Boolean type:

  • true: connects to the server on the public network.
  • false: disconnects from the server on the public network.

This object cannot be delivered together with /huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-accounting-server/vpn-instance.

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/source-ip-address
Indicates the source IPv4 address used by the device to communicate with an HWTACACS server. The object includes:
  • ip-address: indicates the source IPv4 address used by the device to communicate with an HWTACACS server.
  • loopback-interface: specifies the IPv4 address of a loopback interface as the source IPv4 address used by the device to communicate with an HWTACACS server.
  • vlanif-id: specifies the IPv4 address of a VLANIF interface as the source IPv4 address used by the device to communicate with an HWTACACS server.
  • ip-address: The value is in dotted decimal notation.
  • loopback-interface: The loopback interface must already exist.
  • vlanif-id: The VLANIF interface must already exist.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/source-ipv6-address

Indicates the source IPv6 address used by the device to communicate with an HWTACACS server. The object includes:

  • ipv6-address: specifies the source IPv6 address used by the device to communicate with an HWTACACS server.
  • ipv6-loopback-interface: specifies the IPv6 address of a loopback interface as the source IPv6 address used by the device to communicate with an HWTACACS server.
  • ipv6-vlanif-id: specifies the IPv6 address of a VLANIF interface as the source IPv6 address used by the device to communicate with an HWTACACS server.
  • ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • loopback-interface: The loopback interface must already exist.
  • vlanif-id: The VLANIF interface must already exist.

NA

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/shared-key

Indicates the shared key of the switch and HWTACACS server.

The value is a string of 1 to 255 case-sensitive characters without question marks (?) or spaces.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/options/user-name/domain-include

Indicates whether the packets sent to the HWTACACS server contain the domain name.

The value is of the Boolean type:

  • true: The packets contain the domain name.
  • false: The packets do not contain the domain name.

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authentication-server-ipv6

Indicates the primary HWTACACS authentication server with a specified IPv6 address. The object includes:

  • server-ip-address: indicates the IPv6 address of the HWTACACS authentication server.
  • port: indicates the port number of the HWTACACS authentication server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS authentication server.
  • public-net: indicates that the HWTACACS authentication server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authentication-server-ipv6

Indicates that the HWTACACS authentication server with the second IPv6 address functions as the secondary server. The object includes:

  • server-ip-address: indicates the IPv6 address of the HWTACACS authentication server.
  • port: indicates the port number of the HWTACACS authentication server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS authentication server.
  • public-net: indicates that the HWTACACS authentication server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

NA

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/third-authentication-server-ipv6

Indicates that the HWTACACS authentication server with the third IPv6 address functions as the secondary server. The object includes:

  • server-ip-address: indicates the IPv6 address of the HWTACACS authentication server.
  • port: indicates the port number of the HWTACACS authentication server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS authentication server.
  • public-net: indicates that the HWTACACS authentication server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-authorization-server-ipv6

Indicates the primary HWTACACS authorization server with a specified IPv6 address. The object includes:

  • server-ip-address: indicates the IPv6 address of the HWTACACS authorization server.
  • port: indicates the port number of the HWTACACS authorization server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS authorization server.
  • public-net: indicates that the HWTACACS authorization server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-authorization-server-ipv6

Indicates that the HWTACACS authorization server with the second IPv6 address functions as the secondary server. The object includes:

  • server-ip-address: Indicates the IPv6 address of the HWTACACS authorization server.
  • port: indicates the port number of the HWTACACS authorization server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS authorization server.
  • public-net: indicates that the HWTACACS authorization server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/third-authorization-server-ipv6

Indicates that the HWTACACS authorization server with the third IPv6 address functions as the secondary server. The object includes:

  • server-ip-address: indicates the IPv6 address of the HWTACACS authorization server.
  • port: indicates the port number of the HWTACACS authorization server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS authorization server.
  • public-net: indicates that the HWTACACS authorization server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/primary-accounting-server-ipv6

Indicates the primary HWTACACS accounting server with a specified IPv6 address. The object includes:

  • server-ip-address: indicates the IPv6 address of the HWTACACS accounting server.
  • port: indicates the port number of the HWTACACS accounting server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS accounting server.
  • public-net: indicates that the HWTACACS accounting server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/secondary-accounting-server-ipv6

Indicates that the HWTACACS accounting server with the second IPv6 address functions as the secondary server. The object includes:

  • server-ip-address: indicates the IPv6 address of the HWTACACS accounting server.
  • port: indicates the port number of the HWTACACS accounting server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS accounting server.
  • public-net: indicates that the HWTACACS accounting server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

N/A

/huawei-aaa-hwtacacs:hwtacacs/hwtacacs-server/third-accounting-server-ipv6

Indicates that the HWTACACS accounting server with the third IPv6 address functions as the secondary server. The object includes:

  • server-ip-address: indicates the IPv6 address of the HWTACACS accounting server.
  • port: indicates the port number of the HWTACACS accounting server.
  • vpn-instance: indicates the VPN instance bound to the HWTACACS accounting server.
  • public-net: indicates that the HWTACACS accounting server is connected to a public network.
  • server-ip-address: The value is a 32-digit hexadecimal number in the format X:X:X:X:X:X:X:X.
  • port: The value is an integer that ranges from 1 to 65535. The default value is 49.
  • vpn-instance: The VPN instance is already created.
  • public-net: -

N/A
Parent Topic: Configuring an HWTACACS Server Template
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >