11-29-2007 02:41 AM - edited 03-10-2019 03:32 PM
I have deplyed acs appliance 1113 with acsver4.1
commands given are
aaa new-model
aaa authentication username-prompt ACS_FAIL_USE_LOCAL_UserID:
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
authetication authorixation is done and also works for a part of accounting but it is not showing the cmd and cmd-arg of tacasa+ accounting
the debug aaa accounting is
016097: Nov 29 16:08:45.604 IND: AAA/ACCT/CMD: User manish, Port tty1, Priv 15:
"show running-config <cr>"
016098: Nov 29 16:08:45.604 IND: AAA/ACCT/CMD: Found list "default"
016099: Nov 29 16:08:45.668 IND: AAA/ACCT: user manish, acct type 3 (1816760447)
: Method=tacacs+ (tacacs+)
016100: Nov 29 16:08:46.060 IND: TAC+: (1816760447): received acct response stat
us = SUCCESS
Date Time User-Name Group-Name Caller-Id Acct-Flags elapsed_time service bytes_in bytes_out paks_in paks_out task_id addr NAS-Portname NAS-IP-Address cmd cmd-arg priv-lvl status AAA Server err_msg event-id
11/29/2007 14:43:21 manish Network Administrator 172.16.4.141 stop 137 shell 129 tty6 172.16.4.20 1 DELIVERANCE1
11/29/2007 14:43:35 manish Network Administrator 172.16.4.141 start shell 131 tty6 172.16.4.20 1 DELIVERANCE1
11/29/2007 14:43:39 manish Network Administrator NAS Port re-used 4 131 tty6 172.16.4.20 DELIVERANCE1
11/29/2007 14:46:38 manish Network Administrator 172.16.4.141 start shell 133 tty7 172.16.4.20 1 DELIVERANCE1
11/29/2007 14:46:41 manish Network Administrator NAS Port re-used 3 133 tty7 172.16.4.20 DELIVERANCE1
11/29/2007 14:46:45 manish Network Administrator 172.16.4.141 stop 190 shell 131 tty6 172.16.4.20 1 DELIVERANCE1
11/29/2007 14:50:09 manish Network Administrator 172.16.4.141 start shell 4035 tty1 172.16.4.4 1 DELIVERANCE1
11/29/2007 14:50:24 manish Network Administrator 172.16.4.141 stop 226 shell 133 tty7 172.16.4.20 1 DELIVERANCE1
11-29-2007 08:22 AM
there will a well known bug with version 4.1.
go to cisco and download a patch for it. After
you apply the patch, it will work after that.
11-29-2007 09:08 AM
This is a known issue, you need to apply patch ACS 4.1.1.23.5 to fix the issue.
Patch for appliance is available on
http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des
Patch name : ACS SE 4.1.1.23.5 accumulative patch
Patch for acs windows is availble on
http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des')">http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des<
Patch Name : ACS 4.1.1.23.5 accumulative patch
That should fix the issue,
Regards,
Jagdeep
Note: If that answers your question, then please mark this thread as resolved, so that others can benefit from it.
11-30-2007 08:51 AM
Hi
I have acs 1113 and swceen is locked so tell me how to update the paches into it
12-02-2007 10:27 PM
kevin.jones1 ,jagdeep
Hi please tell me hpw to update these paches in cisco appliance 1113 .
12-02-2007 10:29 PM
kevin.jones1 ,jagdeep
the url which you told me is not working can you pelase check it and tell me
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide