cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

764
Views
0
Helpful
1
Replies
csco11522833
Beginner

How to check command run by user onn device using ACS (4.1)

Hi I am running ACS 4.1. I want to check command run by user on the device. How can I check. AAA config of the device is as follows:-

 

aaa-server ADMIN protocol tacacs+
aaa-server ADMIN (OUTSIDE) host x.x.x.x
aaa-server ADMIN (OUTSIDE) host x.x.x.x
aaa authentication ssh console ADMIN LOCAL
aaa authentication enable console ADMIN LOCAL
aaa authentication http console ADMIN LOCAL
aaa accounting command ADMIN
aaa accounting ssh console ADMIN
aaa accounting enable console ADMIN

 

 

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Jatin Katyal
Cisco Employee

You have to configure command authorization on the ASA too.

aaa authorization command ADMIN LOCAL

NOTE: Before you enter the command, ensure your ASA can talk to TACACS server via OUTSIDE interface.

https://www.youtube.com/watch?v=JzBmIuTGg-M

 

~Jatin

View solution in original post

1 REPLY 1
Jatin Katyal
Cisco Employee

You have to configure command authorization on the ASA too.

aaa authorization command ADMIN LOCAL

NOTE: Before you enter the command, ensure your ASA can talk to TACACS server via OUTSIDE interface.

https://www.youtube.com/watch?v=JzBmIuTGg-M

 

~Jatin
Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube