https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387964#M88813 <HTML><HEAD></HEAD><BODY><P>Davide, </P><P></P><P>Not exactly the same usage, BUT when you're attempting to authenticate to device via tacacs it would send remote address.</P><P></P><P><IMG src="http://supportforums.cisco.com/sites/default/files/legacy/5/3/3/176335-Screen%20Shot%202014-01-13%20at%2012.59.41%20PM.png" class="jive-image" /></P><P></P><P>What's the use case, if I may know?</P><P></P><P>M.</P></BODY></HTML> Mon, 13 Jan 2014 12:00:25 GMT Marcin Latosiewicz 2014-01-13T12:00:25Z https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387963#M88812 <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Hi ALL, </P><P></P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; the authentication on a Router 2911 is done via tacacs (ACS 5.1). In the dashboard (or in the reports) of ACS&nbsp; the IP address of the "calling station" (client used for authentication activity) is not reported. If I use RADIUS I could configure the router to send attributes (such as the number 31 = calling-station-id). How can I solve with tacacs protocol instead?</P><P></P><P>Thanks in advance,</P><P></P><P>Davide </P> Mon, 11 Mar 2019 04:16:12 GMT https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387963#M88812 davide.fichera 2019-03-11T04:16:12Z https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387964#M88813 <HTML><HEAD></HEAD><BODY><P>Davide, </P><P></P><P>Not exactly the same usage, BUT when you're attempting to authenticate to device via tacacs it would send remote address.</P><P></P><P><IMG src="http://supportforums.cisco.com/sites/default/files/legacy/5/3/3/176335-Screen%20Shot%202014-01-13%20at%2012.59.41%20PM.png" class="jive-image" /></P><P></P><P>What's the use case, if I may know?</P><P></P><P>M.</P></BODY></HTML> Mon, 13 Jan 2014 12:00:25 GMT https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387964#M88813 Marcin Latosiewicz 2014-01-13T12:00:25Z https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387965#M88816 <HTML><HEAD></HEAD><BODY><P>Hi Marcin and thanks for your answer. The use case is a simple authentication activity. I've made a check and as you correctly show it is possible to retrieve the IP address of the remote client looking at the details of the log entry. It's very good news! However in the main (live) dashboard that information is not shown... Do you know why?<IMG src="http://supportforums.cisco.com/sites/default/files/legacy/5/4/3/176345-ACS01.jpg" class="jive-image" /></P><P></P><P>Davide.</P></BODY></HTML> Mon, 13 Jan 2014 12:54:41 GMT https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387965#M88816 davide.fichera 2014-01-13T12:54:41Z https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387966#M88819 <HTML><HEAD></HEAD><BODY><P>Davide, </P><P></P><P>I think it was conscious design choice, the IP address in administration could be misleading. Although I'm not part of business unit so I'm not the best to comment. </P><P></P><P>If you're looking for a place where it pops up, check accounting logs, you should be able to see the IP address as part of the audit session key. </P><P></P><P><IMG src="http://supportforums.cisco.com/sites/default/files/legacy/6/4/3/176346-Screen%20Shot%202014-01-13%20at%202.14.17%20PM.png" class="jive-image" /></P><P></P><P>M.</P></BODY></HTML> Mon, 13 Jan 2014 13:15:01 GMT https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387966#M88819 Marcin Latosiewicz 2014-01-13T13:15:01Z https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387967#M88822 <HTML><HEAD></HEAD><BODY><P>Hi Marcin, </P><P></P><P>could you provide the detailed path to get the "audit session key" report shown above? Our version is ACS 5.1... maybe is missing?</P><P></P><P>Thanks,</P><P></P><P>Davide</P></BODY></HTML> Mon, 13 Jan 2014 13:55:33 GMT https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387967#M88822 davide.fichera 2014-01-13T13:55:33Z https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387968#M88824 <HTML><HEAD></HEAD><BODY><P>Davide, </P><P></P><P>No access to 5.1 I'm afraid, at least to one I can test freely. </P><P></P><P><SPAN style="font-size: 10pt;">AAA Protocol &gt; TACACS+ Accounting is where the session key should be visible. </SPAN></P><P></P><P><SPAN style="font-size: 10pt;">Verfied for both IOS and ASA exec accounting. </SPAN></P><P></P><P><SPAN style="font-size: 10pt;">M. </SPAN></P></BODY></HTML> Mon, 13 Jan 2014 14:05:43 GMT https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387968#M88824 Marcin Latosiewicz 2014-01-13T14:05:43Z https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387969#M88825 <HTML><HEAD></HEAD><BODY><P>I've found this:</P><P></P><TABLE border="1" cellpadding="3" cellspacing="0" id="wp155292table155286" style="color: #000000; font-size: 12px;" width="80%"><TBODY><TR align="left" valign="top"><TD><P style="font-family: Arial, Helvetica, sans-serif; font-size: 11px; margin: 1px 0em 6px; text-indent: 0em;"><A href="https://www.cisco.com/cisco/psn/bssprt/bss?searchType=bstbugidsearch&amp;page=bstBugDetail&amp;BugID=CSCth31525" target="_blank">CSCth31525</A></P></TD><TD><A name="wp159718"></A><P style="font-family: Arial, Helvetica, sans-serif; font-size: 11px; margin: 1px 0em 6px; text-indent: 0em;">Live authentication report does not show TACACS+ data.</P><A name="wp159737"></A><P style="font-family: Arial, Helvetica, sans-serif; font-size: 11px; margin: 1px 0em 6px; text-indent: 0em;">Symptom: The TACACS+ live authentication report is missing data on some columns, including NAS and IP address.</P><A name="wp159741"></A><P style="font-family: Arial, Helvetica, sans-serif; font-size: 11px; margin: 1px 0em 6px; text-indent: 0em;">Conditions: This problem occurs only on ACS 5.1.</P><A name="wp159745"></A><P style="font-family: Arial, Helvetica, sans-serif; font-size: 11px; margin: 1px 0em 6px; text-indent: 0em;">Workaround: Use one of the other available reports to view this data.</P></TD></TR></TBODY></TABLE><P></P><P>at <A href="http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/release/notes/acs_52_rn.html">http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/release/notes/acs_52_rn.html</A></P><P></P><P>Unfortunately it's a bug of this specific version...</P><P></P><P>Davide</P></BODY></HTML> Mon, 13 Jan 2014 14:27:26 GMT https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387969#M88825 davide.fichera 2014-01-13T14:27:26Z https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387970#M88826 <HTML><HEAD></HEAD><BODY><P>Davide, </P><P></P><P>Good find, this one has not been fixed in any ACS release and is considered an enhancement. </P><P>Go figure... <span class="lia-unicode-emoji" title=":confused_face:">😕</span></P><P></P><P>M. </P></BODY></HTML> Mon, 13 Jan 2014 15:56:56 GMT https://community.cisco.com/t5/network-access-control/tacacs-authentication-request-attributes/m-p/2387970#M88826 Marcin Latosiewicz 2014-01-13T15:56:56Z