ACS config Problem

wasiimcisco
Level 1

I have an ACS Solution Engine. I made an NDG on ACS and added an AAA server and an AAA client. I also made a user in default group 1. The same user exists in the router local database, just to be on the safe side. But I am not able to see any activity in the ACS reporting window, and I am not able to see any logged-in user in ACS.

The following is the configuration that I did on ACS engine and router

aaa authentication login default group tacacs+ local

aaa authorization exec authorization group tacacs+ local

aaa accounting commands 15 accounting start-stop group tacacs+

username cisco password cisco123

tacacs-server host 172.28.31.132

tacacs-server key <tacacs-shared-key>

ip tacacs source-interface gig 0/1

username cisco password cisco123

3 Replies 3

Jagdeep Gambhir
Level 10

You mean you can authenticate fine but do not see any command accounting? If that is the case, then please note that command accounting logs are stored in the TACACS administration logs.

Also there is a known issue on ver 4.1.1 and we need to apply patch ACS 4.1.1.23.5 to fix the command accounting issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des

Patch Name : ACS 4.1.1.23.5 accumulative patch

That should fix the issue,

Regards,

~JG

But I am not able to see complete logging of all the commands that I am using during the session. I configured the following things on the router:

aaa new-model

aaa authentication login default group radius local

aaa authorization exec authorization group radius

aaa accounting commands 15 accounting start-stop group radius

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop group radius

radius-server host 172.28.31.132

radius-server key waridtel0321

ip radius source-interface gig 0/1

Please tell me how I can see which activities the user has performed during the session, with the detail of each command.

Can I use TACACS for authentication and RADIUS for accounting? I tried it but it didn't work for me.

Please guide me; I will be very grateful to you.

In the TACACS accounting CSV file, it shows me only login time, user ID and service shell. I want to see the detail of the commands that the user has used during the session.

I have attached both CSV files that I got when trying with TACACS and RADIUS for accounting.

Command accounting is only possible via TACACS and not RADIUS.

So you need to use tacacs and these logs would be logged in tacacs administration logs.

Regards,

~JG

Do rate helpful posts
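
An added example, not part of the original thread: a small Python check run over the AAA lines posted above. It flags named method lists (here `authorization` and `accounting`) that no line applies, since IOS uses a non-default list only where a line references it, and it flags command accounting pointed at RADIUS, per the last answer. The posts do not show the routers' `line` configuration, so whether the lists were applied is unknown; the function names are hypothetical.

```python
import re

# Constructed input: the AAA lines from the two router configs posted in this thread.
TACACS_CFG = """\
aaa authentication login default group tacacs+ local
aaa authorization exec authorization group tacacs+ local
aaa accounting commands 15 accounting start-stop group tacacs+
"""
RADIUS_CFG = """\
aaa new-model
aaa authentication login default group radius local
aaa authorization exec authorization group radius
aaa accounting commands 15 accounting start-stop group radius
aaa accounting exec default start-stop group radius
"""

# aaa <service> <list-name> <methods...>
AAA_RE = re.compile(
    r"^aaa (authentication login|authorization exec|authorization commands \d+"
    r"|accounting exec|accounting commands \d+) (\S+) (.*)$")

def line_apply_cmd(kind, name):
    """Line-mode command that binds a named method list to a tty/vty line."""
    if kind == "authentication login":
        return f"login authentication {name}"
    return f"{kind} {name}"

def audit(config):
    """Return findings for an IOS config supplied as text."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    present = set(lines)  # line-mode commands appear here once de-indented
    findings = []
    for l in lines:
        m = AAA_RE.match(l)
        if not m:
            continue
        kind, name, methods = m.groups()
        need = line_apply_cmd(kind, name)
        # The list named "default" applies everywhere; any other name must be referenced.
        if name != "default" and need not in present:
            findings.append(f"unapplied list: '{l}' needs '{need}' under a line")
        # Per the answer in this thread, command accounting works only with TACACS+.
        if kind.startswith("accounting commands") and "group radius" in methods:
            findings.append(f"command accounting sent to RADIUS: '{l}'")
    return findings

if __name__ == "__main__":
    for cfg in (TACACS_CFG, RADIUS_CFG):
        print("\n".join(audit(cfg)) or "no findings", end="\n\n")
```

Run against a full `show running-config` so that the `line con`/`line vty` stanzas are included in the text being checked.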