The hwtacacs-server accounting command configures the primary and secondary HWTACACS accounting server for the template.
The undo hwtacacs-server accounting command deletes the primary HWTACACS accounting server from the template.
By default, if secondary parameter is not specified, the primary server is configured.
hwtacacs-server accounting ip-address
hwtacacs-server accounting ip-address secondary
hwtacacs-server accounting ip-address port
hwtacacs-server accounting ip-address { shared-key { key-string | cipher key-string } | mux-mode | { vpn-instance vpn-name-val | public-net } } *
hwtacacs-server accounting ip-address port { shared-key { key-string | cipher key-string } | mux-mode | { vpn-instance vpn-name-val | public-net } } *
hwtacacs-server accounting ip-address port secondary
hwtacacs-server accounting ip-address { shared-key { key-string | cipher key-string } | mux-mode | { vpn-instance vpn-name-val | public-net } } * secondary
hwtacacs-server accounting ip-address port { shared-key { key-string | cipher key-string } | mux-mode | { vpn-instance vpn-name-val | public-net } } * secondary
undo hwtacacs-server accounting
undo hwtacacs-server accounting ip-address
undo hwtacacs-server accounting ip-address secondary
undo hwtacacs-server accounting ip-address port
undo hwtacacs-server accounting ip-address [ port ] { mux-mode | { vpn-instance vpn-name-val | public-net } } *
undo hwtacacs-server accounting ip-address port secondary
undo hwtacacs-server accounting ip-address [ port ] { mux-mode | { vpn-instance vpn-name-val | public-net } } * secondary
| Parameter | Description | Value |
|---|---|---|
| ip-address |
Specifies the IP addresses of the HWTACACS server. |
The value is in dotted decimal notation. It must be a valid unicast address. |
| secondary |
Indicates the secondary HWTACACS server.
|
- |
| port |
Specifies the port number of the HWTACACS server. |
The value is an integer ranging from 1 to 65535. The default value is 49. |
| shared-key |
Specifies the shared key. |
- |
| key-string |
Specifies the shared key in encrypted or plain text. |
The value is a string of case-sensitive characters that can be letters or digits. Spaces are not supported. The password can be a string of 1 to 255 characters in plain text or a string of 20 to 432 characters in encrypted text. The new password is at least eight characters long and contains at least two of the following types: upper-case letters, lower-case letters, digits, and special characters. |
| cipher |
Specifies the shared key in encrypted or plain text. |
- |
| mux-mode |
Indicates that the HWTACACS server works in multiplex mode. |
- |
| vpn-instance vpn-name-val |
Specifies the VPN instance name. If the parameter vpn-instance is specified, the server is mapped to a VPN instance. If vpn-instance-name does not exist, the configuration is invalid. |
The value is a string of 1 to 31 case-sensitive characters, spaces not supported. In addition, the VPN instance name must not be _public_. When double quotation marks are used around the string, spaces are allowed in the string. |
| public-net |
Indicates that the HWTACACS accounting server on the public network is connected. |
- |
| simple simple-key-string |
Specifies the shared key in plain text. |
The value is a string of case-sensitive characters that can be letters or digits. Spaces are not supported. The password can be a string of 1 to 255 characters in plain text. |
Usage Scenario
When user accounting needs to be performed, you can run the hwtacacs-server accounting command to assign an IP address to the primary or secondary HWTACACS accounting server.
Prerequisites
The HWTACACS server template is correctly configured.
Configuration Impact
If the hwtacacs-server accounting command runs for multiple times, the latest configuration overrides the previous ones.
Precautions