Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1084
Views
0
Helpful
1
Replies

How to check command run by user onn device using ACS (4.1)

Go to solution
csco11522833
Level 1
Level 1

‎04-20-2018 09:59 PM - edited ‎02-21-2020 10:54 AM

Hi I am running ACS 4.1. I want to check command run by user on the device. How can I check. AAA config of the device is as follows:-

 

aaa-server ADMIN protocol tacacs+
aaa-server ADMIN (OUTSIDE) host x.x.x.x
aaa-server ADMIN (OUTSIDE) host x.x.x.x
aaa authentication ssh console ADMIN LOCAL
aaa authentication enable console ADMIN LOCAL
aaa authentication http console ADMIN LOCAL
aaa accounting command ADMIN
aaa accounting ssh console ADMIN
aaa accounting enable console ADMIN

 

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎04-21-2018 12:42 PM

You have to configure command authorization on the ASA too.

aaa authorization command ADMIN LOCAL

NOTE: Before you enter the command, ensure your ASA can talk to TACACS server via OUTSIDE interface.

https://www.youtube.com/watch?v=JzBmIuTGg-M

 

~Jatin

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎04-21-2018 12:42 PM

You have to configure command authorization on the ASA too.

aaa authorization command ADMIN LOCAL

NOTE: Before you enter the command, ensure your ASA can talk to TACACS server via OUTSIDE interface.

https://www.youtube.com/watch?v=JzBmIuTGg-M

 

~Jatin
0 Helpful
Customers Also Viewed These Support Documents