05-24-2007 08:59 AM - edited 03-10-2019 03:10 PM
Hi, i would like to know if there is a way to account the commands entered by certain profile log-in to the router/switch using MS IAS method? Currently i'm using IAS radius server from my switches and routers. And i'm having problem in doing an accounting of commands.
Thanks!
05-24-2007 09:22 AM
Actually, I just reviewed the IAS capabilities and you should be able to do accounting. Do you have accounting logging enabled on the IAS server? Do you also have the appropriate AAA accounting commands implemented. Please post your AAA accounting related commands.
Thanks.
05-24-2007 09:27 AM
i see, just last question. Is there any unix/linux based application that can support this accounting of commands aside from Cisco ACS?
06-09-2007 02:28 AM
Not sure, are you talking on the "Remote Acces Logging"? If so, i used the default Local file logs from the IAS server.
Below are my commands.
aaa new-model
aaa authentication login default group radius line
aaa authentication login radius_localcon local-case
aaa authorization exec default group radius if-authenticated
aaa authorization network default group radius
aaa accounting network default start-stop group radius
aaa accounting system default start-stop group radius
radius-server host xx.xx.xx.xx auth-port 1645 acct-port 1646
radius-server source-ports 1645-1646
radius-server key 7 xxxxxxxxxxx
Please feel free to suggest on how i could implement accounting with repsect to the commands that has been entered by the admin users logged-in from my routers/switches using the IAS.
Thanks!
05-26-2007 03:53 PM
Hi,
The Cisco Systems implementation of RADIUS does not support command accounting.
Regards,
Prem
05-30-2007 06:01 AM
Prem is correct. All radius can do in Cisco is send the start and stop bits...no command accounting anyway. try tacacs+. (of course IAS doesn't support this).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide