Command Reference Guide
3Com Router 5000 Family and Router 6000 Family authorization ● 27
Command Reference
authorization
Purpose Use the authorization command to set the IP address, port number and shared
key for the primary and secondary HWTACACS authorization servers.
Use the undo authorization command to delete the configured authorization
servers.
Syntax authorization { primary | secondary } ip ip-address [ port port-number
] [ key { simple | cipher } key-string ]
undo authorization { primary | secondary }
Parameters ip-address
Server IP address, in dotted decimal format. It must be
a legal unicast IP address.
port-number
UDP port number. Valid values are 1 to 65535.
If no value is specified, the default is 49.
simple
Indicates the key is displayed in plain text.
cipher
Indicates the key is displayed in cipher text.
key-string
Shared key. In the simple mode, the key-string must be
in plain text. In the cipher mode, the key-string can be
in either plain or cipher text. The plain key is a
character string containing 1 to 96 characters, such as
3Com918.
Default By default, the IP address of TACACS authorization server is 0.0.0.0., without any key.
Example Configure the IP address to 10.110.1.2, UDP port number to 49, and shared key to
sharekey for the primary and secondary authorization servers of the HWTACACS
scheme 3Com.
[3Com-hwtacacs-3Com] authorization primary ip 10.110.1.2 port 49 key
sharekey
View This command can be used in the following views:
■ HWTACACS view
Description The primary and secondary authorization servers cannot use the same IP address.
Otherwise, the system will prompt unsuccessful configuration.
If you execute this command repeatedly, the new settings will replace the old settings.
You can remove a server that cannot be removed otherwise, only when it is not used
by any active TCP connection for sending authorization packets.