https://community.cisco.com/t5/network-access-control/logging-ras-access/m-p/369970#M433095 <HTML><HEAD></HEAD><BODY><P>I believe from the original post that they want a record of who has dialed in to their RAS server and that they are attempting to create that record via syslog.</P><P></P><P>There are not so many good options for creating this record to syslog: some versions of IOS have a call tracking feature which sends records to syslog. I tested it at a customer site where I was helping them do some dial up work. I found the reporting to be very verbose and we ultimately decided not to use this feature. The code for call tracking may or may not be supported in your router.</P><P></P><P>The other option to send records to syslog is the option to use debug which the original post indicated that they have done.</P><P></P><P>I believe that Paddy is on the right track with his last suggestion. Instead of looking to syslog for teh solution they should look to their radius authentication server for the solution. It is easy to turn on accounting in aaa and send records to the server which will include when the session started, when the session ended, the ID of the dial in user, and some other information which they may find useful.</P><P></P><P>The accounting record was the solution which my customer decided to use. I think it would fit well as the solution for the question asked here.</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Fri, 10 Dec 2004 19:56:12 GMT Richard Burts 2004-12-10T19:56:12Z https://community.cisco.com/t5/network-access-control/logging-ras-access/m-p/369968#M433093 <P>Hi,i have a Router 3640 with 4 bri interface.</P><P>Router 3640 working as Ras and it authenticate user with Radius Server.</P><P>Radius authentication working good.</P><P>I configured a Syslog logging but during authentication process my Syslog Server doesn't receive Radius logging data</P><P>If i enable radius debug in console my Syslog can receive Radius logging data.</P><P></P><P>Please show me how i have to correctly configure Syslog.</P><P>Many thanks</P><P></P><P>version 12.2</P><P>service timestamps debug uptime</P><P>service timestamps log datetime</P><P>service password-encryption</P><P>!</P><P>hostname RasCisco</P><P>!</P><P>boot system flash flash:c3640-i-mz.122-15.T14.bin</P><P>logging queue-limit 100</P><P>logging buffered 4096 debugging</P><P>no logging console</P><P>enable password xxxx</P><P>!</P><P>username decras password xxxx</P><P>username ibm password xxx</P><P>modem country mica italy</P><P>aaa new-model</P><P>!</P><P>!</P><P>aaa authentication login default group radius local</P><P>aaa authentication ppp default group radius local</P><P>aaa authorization exec default group radius local </P><P>aaa session-id common</P><P>ip subnet-zero</P><P>!</P><P>!</P><P>!</P><P>async-bootp dns-server 192.168.2.1</P><P>async-bootp nbns-server 192.168.2.1</P><P>isdn switch-type basic-net3</P><P>!</P><P>modemcap entry TAC:MSC=&amp;F&amp;D2S34=18000S40=10S54=456debugthismodemS71=4</P><P>!</P><P>!</P><P>!</P><P>interface Loopback0</P><P> ip address 192.168.1.2 255.255.255.0</P><P>!</P><P>interface Ethernet0/0</P><P> ip address 192.168.3.100 255.255.255.0</P><P> half-duplex</P><P> no cdp enable</P><P>!</P><P>interface TokenRing0/0</P><P> no ip address</P><P> shutdown </P><P> ring-speed 16</P><P> no cdp enable</P><P>!</P><P>interface BRI1/0</P><P> no ip address</P><P> encapsulation ppp</P><P> isdn switch-type basic-net3</P><P> isdn incoming-voice modem</P><P> isdn static-tei 0</P><P> no cdp enable</P><P>!</P><P>interface BRI1/1</P><P> no ip address</P><P> encapsulation ppp</P><P> isdn switch-type basic-net3</P><P> isdn incoming-voice modem</P><P> isdn static-tei 0</P><P> no cdp enable</P><P>!</P><P>interface BRI1/2</P><P> no ip address</P><P> encapsulation ppp</P><P> isdn switch-type basic-net3</P><P> isdn incoming-voice modem</P><P> isdn static-tei 0</P><P> no cdp enable</P><P>!</P><P>interface BRI1/3</P><P> no ip address</P><P> encapsulation ppp</P><P> isdn switch-type basic-net3</P><P> isdn incoming-voice modem</P><P> isdn static-tei 0</P><P> no cdp enable</P><P>!</P><P>interface Group-Async1</P><P> ip unnumbered Ethernet0/0</P><P> encapsulation ppp</P><P> ip tcp header-compression</P><P> no ip mroute-cache</P><P> async mode dedicated</P><P> peer default ip address pool bologna</P><P> no keepalive</P><P> ppp authentication pap chap ms-chap</P><P> group-range 65 70</P><P>!</P><P>ip local pool bologna 192.168.3.10 192.168.3.20</P><P>no ip http server</P><P>ip classless</P><P>ip route 0.0.0.0 0.0.0.0 192.168.3.254</P><P>!</P><P>!</P><P>!</P><P>logging trap debugging</P><P>logging 192.168.2.10</P><P>no cdp run</P><P>radius-server host 192.168.2.10 auth-port 1645 acct-port 1646</P><P>radius-server key xxxx</P><P>radius-server authorization permit missing Service-Type</P><P>!</P><P>line con 0</P><P>line 65 70</P><P> flush-at-activation</P><P> script reset default</P><P> logging synchronous level all</P><P> modem Dialin</P><P> modem autoconfigure type TAC</P><P> autoselect during-login</P><P> autoselect ppp</P><P>line aux 0</P><P>line vty 0 4</P><P>!</P><P>!</P><P>end</P><P></P><P></P><P></P> Sun, 10 Mar 2019 20:55:30 GMT https://community.cisco.com/t5/network-access-control/logging-ras-access/m-p/369968#M433093 npservice 2019-03-10T20:55:30Z https://community.cisco.com/t5/network-access-control/logging-ras-access/m-p/369969#M433094 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>You config looks fine to me, are you saying that when you use debug radius and someone logs in via radius nothing is passed to your syslog server.</P><P></P><P>Or nothing is logged to your syslog server, however when you enable debug radius then sylog messages are being logged by your syslog server?</P><P></P><P>Also have you considered using AAA Accounting to your radius server?</P><P></P><P>Paddy</P></BODY></HTML> Fri, 10 Dec 2004 12:18:33 GMT https://community.cisco.com/t5/network-access-control/logging-ras-access/m-p/369969#M433094 paddyxdoyle 2004-12-10T12:18:33Z https://community.cisco.com/t5/network-access-control/logging-ras-access/m-p/369970#M433095 <HTML><HEAD></HEAD><BODY><P>I believe from the original post that they want a record of who has dialed in to their RAS server and that they are attempting to create that record via syslog.</P><P></P><P>There are not so many good options for creating this record to syslog: some versions of IOS have a call tracking feature which sends records to syslog. I tested it at a customer site where I was helping them do some dial up work. I found the reporting to be very verbose and we ultimately decided not to use this feature. The code for call tracking may or may not be supported in your router.</P><P></P><P>The other option to send records to syslog is the option to use debug which the original post indicated that they have done.</P><P></P><P>I believe that Paddy is on the right track with his last suggestion. Instead of looking to syslog for teh solution they should look to their radius authentication server for the solution. It is easy to turn on accounting in aaa and send records to the server which will include when the session started, when the session ended, the ID of the dial in user, and some other information which they may find useful.</P><P></P><P>The accounting record was the solution which my customer decided to use. I think it would fit well as the solution for the question asked here.</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Fri, 10 Dec 2004 19:56:12 GMT https://community.cisco.com/t5/network-access-control/logging-ras-access/m-p/369970#M433095 Richard Burts 2004-12-10T19:56:12Z