cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

2126
Views
0
Helpful
1
Replies
Ali Razavi
Beginner

AAA Accounting to Log Commands to Windows 2008 NPS

Hi everyone,

We have configured our Cisco devices to use Windows 2008 NPS for radius.  However, we are unable to configure aaa accounting for priv 15 commands to use the same radius servers for logging privileged mode commands.  During configuration using the following command:

aaa accounting commands 15 default start-stop group RADIUS_SERVERS

I noticed that there are only TACACS+ servers and 'group' categories as options.  After entering the radius servers group, I realized that the command is not saved and when inspecting the logs I saw the following:

The server-group "MF_RAD" is not a tacacs+ server group. Please define "RADIUS_SERVERS" as a tacacs+ server group.

Does this mean that the 'commands' accounting feature ( and probably most others ) can only be enabled when using a TACACS+ server?

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
Jatin Katyal
Cisco Employee

You got it absolutely right. Command accounting only works with tacacs+. We cannot have command accounting for radius protocol. Radius accounting only gives you start and stop packet of the sessions.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

View solution in original post

1 REPLY 1
Jatin Katyal
Cisco Employee

You got it absolutely right. Command accounting only works with tacacs+. We cannot have command accounting for radius protocol. Radius accounting only gives you start and stop packet of the sessions.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube