- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2018 09:59 PM - edited 02-21-2020 10:54 AM
Hi I am running ACS 4.1. I want to check command run by user on the device. How can I check. AAA config of the device is as follows:-
aaa-server ADMIN protocol tacacs+
aaa-server ADMIN (OUTSIDE) host x.x.x.x
aaa-server ADMIN (OUTSIDE) host x.x.x.x
aaa authentication ssh console ADMIN LOCAL
aaa authentication enable console ADMIN LOCAL
aaa authentication http console ADMIN LOCAL
aaa accounting command ADMIN
aaa accounting ssh console ADMIN
aaa accounting enable console ADMIN
Solved! Go to Solution.
- Labels:
-
Other NAC
Accepted Solutions

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2018 12:42 PM
You have to configure command authorization on the ASA too.
aaa authorization command ADMIN LOCAL
NOTE: Before you enter the command, ensure your ASA can talk to TACACS server via OUTSIDE interface.
https://www.youtube.com/watch?v=JzBmIuTGg-M

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2018 12:42 PM
You have to configure command authorization on the ASA too.
aaa authorization command ADMIN LOCAL
NOTE: Before you enter the command, ensure your ASA can talk to TACACS server via OUTSIDE interface.
https://www.youtube.com/watch?v=JzBmIuTGg-M
