09-21-2009 07:40 AM - edited 03-10-2019 04:41 PM
How do i check to see user activity once its enabled on my ASA? I need help setting up the AAA on a radius server as well in regards to where i set up the server secret key?
Help!
09-21-2009 08:53 AM
Hi Himg,
What type of activity you are looking for ? If you are looking Command accounting, then that is a feature of tacacs server and not radius.
This link with help you with setting up radius authentication.
http://cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c18ff.shtml
Let me know if you have any question.
Regards,
~JG
Do rate helpful posts
09-21-2009 09:01 AM
Maybe i can go about this another way...
What about this....
I basically want to know when a user logs off and back on WEBVPN. I really dont want to associate to a Radius nor a TACACS. I want to keep all the users to authenticate locally on the ASA. What all do i need to do?
THanks a bunch!
09-21-2009 09:55 AM
radius accounting files contain the following info:
User session's start and stop time frame
AAA client message with username
callier line identification info
session duration
In order to configure this for webvpn user, you need to add this command under webvpn default tunnel group
accounting-server-group
In oder to check share sceret key for any aaa client. Go to network configuration > NDG (if any) > aaa client edit > look for shared secret key.
HTH
Regards,
JK
09-21-2009 10:19 AM
if i add the shared secret key on the ASA, where do i add the same key on the radius server?
09-21-2009 10:30 AM
Hi,
You can define the shared secret key while adding ASA as a AAA client on the ACS.
Check this for more info:
Adding AAA client
HTH
Regards,
JK
09-21-2009 10:49 AM
thank you..
i have never downloaded the ACS before..which one do i download?
09-21-2009 10:55 AM
Hi,
You download Cisco Secure Access Control Server 90 Day Software Evaluation
http://www.cisco.com/kobayashi/sw-center/ciscosecure/cs-acs.shtml
HTH
Regards,
JK
09-21-2009 10:59 AM
Hi Himg,
Actually the location has changed. Here is the link to download ACS Eval version.
http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-eval
Regards,
~JG
Do rate helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide