73 system-view[Router] hwtacacs scheme hwtac# Specify the primary authentication server.[Router-hwtacacs-hwtac] primary authentication 10.1.1.1 49# Specify the primary authorization server.[Router-hwtacacs-hwtac] primary authorization 10.1.1.1 49# Specify the primary accounting server.[Router-hwtacacs-hwtac] primary accounting 10.1.1.1 49# Set the shared keys to expert in plaintext form for secure HWTACACS communication.[Router-hwtacacs-hwtac] key authentication simple expert[Router-hwtacacs-hwtac] key authorization simple expert[Router-hwtacacs-hwtac] key accounting simple expert# Exclude domain names from the usernames sent to the HWTACACS server.[Router-hwtacacs-hwtac] user-name-format without-domain[Router-hwtacacs-hwtac] quit# Create an ISP domain and configure the domain to use the HWTACACS scheme forauthentication, authorization, and accounting of login users.[Router] domain bbb[Router-isp-bbb] authentication login hwtacacs-scheme hwtac[Router-isp-bbb] authorization login hwtacacs-scheme hwtac[Router-isp-bbb] accounting login hwtacacs-scheme hwtac[Router-isp-bbb] quit# Create local RSA and DSA key pairs.[Router] public-key local create rsa[Router] public-key local create dsa# Enable the SSH service.[Router] ssh server enable# Enable the default user role feature to assign authenticated SSH users the default user rolenetwork-operator.[Router] role default-role enable# Enable scheme authentication for user lines VTY 0 through VTY 63.[Router] line vty 0 63[Router-line-vty0-63] authentication-mode scheme[Router-line-vty0-63] quitVerifying the configuration# Initiate an SSH connection to the router, and enter the correct username and password. The userlogs in to the router. (Details not shown.)# Verify that the user can use the commands permitted by the network-operator user role. (Detailsnot shown.)Example: Configuring authentication for SSH users by anLDAP serverNetwork configurationAs shown in Figure 17, an LDAP server is located at 10.1.1.1/24 and uses domain ldap.com.Configure the router to meet the following requirements: