What are the restrictions on using HWTACACS

1

The HWTACACS template used by users, bound to domains, or referenced by accounting stop packets cannot be deleted.

If the HWTACACS server is sending packets, the server IP address cannot be changed.

Other related questions:
Restrictions and precautions for using OSPF
Restrictions and precautions for using OSPF are as follows: To establish an OSPF neighboring relationship, devices need to exchange DD packets. DD packets are OSPF unicast packets. By default, OSPF unicast packets are not forwarded under the control of security policies. Therefore, you need to configure a security policy on the FW to permit the OSPF packets between the Local zone and the security zone where the neighboring device resides. Otherwise, the OSPF neighboring relationship fails to be established. Or you can run the undo firewall packet-filter basic-protocol enable command to disable the function of security policy control over OSPF unicast packets. After that, the firewall directly forwards OSPF unicast packets even if a security policy whose action is deny is configured.

What are limitations on configuring HWTACACS on an AR
On the AR, there are the following constraints for HWTACACS authentication configuration: - The HWTACACS server template that are in use, bound to domains, or referenced by accounting-stop packets cannot be deleted. - If the TACACS server is sending packets, the server's IP address cannot be changed.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top