Filter
Top Products
3Com Switch 8800 Configuration Guide
Chapter 40 AAA and RADIUS/TACACS+ Protocol Con
figuration
40-25
Note:
If only authentication and accounting servers are configured and no authorization
server is configured, both authentication and accounting can be performed normally for
the ftp, telnet, and ssh users, but the priority of these users is 0 (that is, the lowest
privilege level) by default,
The primary and secondary authorization servers cannot use the same IP address. The
default port number is 49.
If you execute this command repeatedly, the new settings will replace the old settings.
40.4.4 Configuring TACACS+ Accounting Servers and the Related Attributes
I. Configuring TACACS+ accounting servers
Perform the following configuration in TACACS+ view.
Table 40-29 Configure TACACS+ accounting servers
Operation Command
Configure the primary TACACS
accounting server
primary accounting ip-address [ port ]
Delete the primary TACACS accounting
server
undo primary accounting
Configure the secondary TACACS
accounting server
secondary accounting ip-address
[ port ]
Delete the secondary TACACS
accounting server
undo secondary accounting
Do not configure the same IP address for the primary accounting server and the
secondary accounting server. Otherwise, an error occurs.
By default, a TACACS accounting server uses an all-zero IP address and port 49.
If you execute the primary accounting or secondary accounting command
repeatedly, the newly configured settings overwrite the corresponding existing settings.
You can delete a TACACS scheme only when no active TCP connection used to send
authentication packets uses the server.
II. Enabling stop-accounting packet retransmission
Perform the following configuration in TACACS+ view.