Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
712
Views
0
Helpful
4
Replies

AAA accounting issue

limtohsoon
Level 1
Level 1

‎01-03-2008 10:52 PM - edited ‎03-10-2019 03:35 PM

Hi Sir,

I have the following AAA accounting commands on an IOS device:

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

On the ACS server, I checked the TACACS+ Accounting logs. Under the "cmd-arg" column, I don't see any commands that user typed on the IOS device being logged.

What am I missing? Please advise.

Thank you.

B.Rgds,

Lim TS

Labels:
0 Helpful
4 Replies 4

Premdeep Banga
Level 7
Level 7

‎01-04-2008 06:29 AM

You need to check TACACS+ Administration logs not Accounting logs.

And if you have ACS version 4.1(1) Build 23.

Then you need to patch that version to over come a known issue regarding Command Accounting on ACS.

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des

- Acs-4.1.1.23.5-SW.zip

- Acs-4.1.1.23.5-Readme.txt

Regards,

Prem

0 Helpful

limtohsoon
Level 1
Level 1
In response to Premdeep Banga

‎01-04-2008 07:07 AM

Hi Prem,

I forgot to mention it is an ACS Solution Engine version 4.1(1) Build 23.

I found one patch, which is, acs_hotfix_kb828028.zip.

Is this the only patch I need to apply on the ACS SE? I'm not very familiar because this is my first deployment of ACS SE.

What about my AAA accounting commands on the IOS devices? Are they correct?

Please advise further.

Thank you.

B.Rgds,

Lim TS

0 Helpful

cisco24x7
Level 6
Level 6
In response to limtohsoon

‎01-04-2008 08:16 AM

I would use the following:

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 0 default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

aaa accounting resource default start-stop group tacacs+

aaa accounting resource default start-stop group tacacs+

CCIE Security

0 Helpful

Premdeep Banga
Level 7
Level 7
In response to limtohsoon

‎01-05-2008 12:31 PM

Hi Lim,

As you have ACS SE 4.1(1) Build 23, you are definitely hitting the accounting bug, you need to apply following patch,

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

- applACS-4.1.1.23.5.zip

- applAcs-4.1.1.23.5.txt

Regards,

Prem

0 Helpful
Customers Also Viewed These Support Documents