Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1071
Views
0
Helpful
2
Replies

ACS 5.0 report: user's ip address information not available

abu_bucker
Level 1
Level 1

‎10-29-2010 04:27 AM - edited ‎03-10-2019 05:31 PM

Hi,

I am using ACS 5.0 for TACACS+ Authentication and Accounting.

I am facing an issue related to reports.

When I click the detail for any failed / passed authentication entry on AAA Protocol > TACACS+ Authentication page, The remote address (under user, just below the username filed) field is empty. The screen shot is attached herewith for reference.

How can I get the remote ip address of the user who (un)successfully tried to get authenticated. Its very important for us as we are getting lots of failed authentication entries, using randon usernames on one of our devices. But we are unabe to trace the source of this attack.


Any help is resolving the issue will be highly appreciated.

Thanks,

Abu Bucker

Labels:
Preview file
11 KB
0 Helpful
2 Replies 2

jchristvnet
Level 1
Level 1

‎10-29-2010 05:03 AM

Hi,

I am using ACS 5.1.0.44-4 and I do get that information (see attached), do you think that you could upgrade your server?

HTH

Christophe

Preview file
49 KB
0 Helpful

abu_bucker
Level 1
Level 1
In response to jchristvnet

‎10-29-2010 05:56 AM

Hi,

Thanks for the clue. I checked the release notes and found the bug id CSCtd37384 ACS View does not display "Remote Address". and this bug has been fixed in 5.1.0.44.2 .

So, I have no option but to upgrade my ACS code.

Thanks,

Abu Bucker

0 Helpful
Customers Also Viewed These Support Documents