version 5.20,release 5501p36,配置hwtacaes认证失败。 可以确认:1,服务器端配置无误 ;2,共享密码配置无误;3,同款交换机release版本5206,相同配置tacaes,认证正常,release 5501p36认证就不成功,只能以本地用户admin登录
交换机认证配置: hwtacacs scheme sjj primary authentication 10.10.83.254 secondary authentication 10.10.83.243 primary authorization 10.10.83.254 secondary authorization 10.10.83.243 primary accounting 10.10.83.254 secondary accounting 10.10.83.243 nas-ip 10.10.86.77 key authentication cipher $c$3$yBcJBntZOSKJIFJHwSl1lS+W6ioVRgbqDA== key authorization cipher $c$3$IN1q82JJvxuQWeyynnUZGMPcIr0VFjp26w== key accounting cipher $c$3$azNOy/popssLpOKIfWUMUf+Gcbo3l1R3yQ== user-name-format without-domain # domain sjj authentication login hwtacacs-scheme sjj authorization login hwtacacs-scheme sjj accounting login hwtacacs-scheme sjj authorization command hwtacacs-scheme sjj accounting command hwtacacs-scheme sjj access-limit disable state active idle-cut disable self-service-url disable domain system access-limit disable state active idle-cut disable self-service-url disable # user-interface vty 0 15 authentication-mode scheme command authorization command accounting user privilege level 3 set authentication password cipher $c$3$Qd41yiWimLZhCblLIuGGk1Dlf5Lf1ijGLaIh #
(0)
最佳答案
您好,请知:
以下是s5500部署tacacs的典型组网配置案例,本案例中是使用Imc tam作为tacacs服务器,请参考:
https://zhiliao.h3c.com/theme/details/104416
(0)
暂无评论
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论