< Home

HWTACACS Authentication, Authorization, and Accounting Process

This section describes how HWTACACS performs authentication, authorization, and accounting for Telnet users. Figure 1 shows the message exchange process.
Figure 1 HWTACACS message interaction

The following describes the HWTACACS message exchange process shown in Figure 1:
  1. A Telnet user sends a request packet.
  2. After receiving the request packet, the HWTACACS client sends an Authentication Start packet to the HWTACACS server.
  3. The HWTACACS server sends an Authentication Response packet to request the user name.
  4. After receiving the Authentication Response packet, the HWTACACS client sends a packet to query the user name.
  5. The user enters the user name.
  6. The HWTACACS client sends an Authentication Continue packet containing the user name to the HWTACACS server.
  7. The HWTACACS server sends an Authentication Response packet to request the password.
  8. After receiving the Authentication Response packet, the HWTACACS client queries the password.
  9. The user enters the password.
  10. The HWTACACS client sends an Authentication Continue packet containing the password to the HWTACACS server.
  11. The HWTACACS server sends an Authentication Response packet, indicating that the user has been authenticated.
  12. The HWTACACS client sends an Authorization Request packet to the HWTACACS server.
  13. The HWTACACS server sends an Authorization Response packet, indicating that the user has been authorized.
  14. The HWTACACS client receives the Authorization Response packet and displays the login page.
  15. The HWTACACS client sends an Accounting Request (start) packet to the HWTACACS server.
  16. The HWTACACS server sends an Accounting Response packet.
  17. The user requests to go offline.
  18. The HWTACACS client sends an Accounting Request (stop) packet to the HWTACACS server.
  19. The HWTACACS server sends an Accounting Response packet.

HWTACACS and TACACS+ protocols of other vendors can implement authentication, authorization, and accounting. HWTACACS is compatible with other TACACS+ protocols because their authentication procedures and implementations are the same.

Parent Topic: HWTACACS AAA
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >