topic Re: ACS config Problem in Network Access Control

ACS config Problem

wasiimcisco — Sun, 10 Mar 2019 22:48:16 GMT

I have ACS solution engine, I made a NDG on ACS and add AAA server and AAA client. I also made a user in default group 1. The same user exist

in rotuer local database just on the safe side. But I am not able to see any activitiy in ACS reporting window,

not able to see any logged user in ACS.

The following is the configuration that I did on ACS engine and router

aaa authentication login default group tacacs+ local

aaa authorization exec authorization group tacacs+ local

aaa accounting commands 15 accounting start-stop group tacacs+

username cisco password cisco123

tacacs-server host 172.28.31.132

tacacs-server key <tacacs-shared-key>

ip tacacs source-interface gig 0/1

username cisco password cisco123

Re: ACS config Problem

Jagdeep Gambhir — Mon, 21 Apr 2008 20:32:11 GMT

You mean you can authenticate fine but do not see any command accounting ? If that is the case,then pls note that Command accounting logs are stroed in tacacs administration logs.

Also there is a known issue on ver 4.1.1 and we need to apply patch ACS 4.1.1.23.5 to fix the command accounting issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des

Patch Name : ACS 4.1.1.23.5 accumulative patch

That should fix the issue,

Regards,

~JG

Re: ACS config Problem

wasiimcisco — Mon, 21 Apr 2008 23:30:58 GMT

but I am not able to see complete logging of all commands that I am using during the session. I configure the following things on router

aaa new-model

aaa authentication login default group radius local

aaa authorization exec authorization group radius

aaa accounting commands 15 accounting start-stop group radius

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop group radius

radius-server host 172.28.31.132

radius-server key waridtel0321

ip radius source-interface gig 0/1

Please tell me how i can see which activities user has performed during the session. detail of command.

Can i use tacacs for authentication and radius for accounting. I tried it but it didnt work for me.

Please guide I will be very greatful to you.

in Tacacs accounting CSV file, it shows me only login time, user id and service shell, i want to see detail of command that user has used during the session.

I have attached both CSV files that i got when trying with tacacs and radius for accounting.

Re: ACS config Problem

Jagdeep Gambhir — Tue, 22 Apr 2008 13:52:04 GMT

Command accounting is only possible via Tacacs and not radius.

So you need to use tacacs and these logs would be logged in tacacs administration logs.

Regards,

~JG

Do rate helpful posts