01-31-2011 03:57 PM - edited 03-10-2019 05:46 PM
Hello,
What do I need to do to set up monitoring ACS 5.1? The user guide shows that the following commands need to be allowed on the NAD:
1. logging monitor informational
2. logging origin-id ip
3. logging host ip transport udp port 20514—where ip is the IP address of the Log Collector in your network.
4. epm logging
Cisco IOS does not support some of these commands and the ACS CLI does not support them. How do I get this working? As of now, in the dashboard I don't get any details at all.
Thanks
01-31-2011 04:59 PM
Looks like you would like ACS to act as a syslog server for network access devices. This is not a worthwhile feature to use.
Out of these 4 commands, epm logging won't work.
–logging monitor informational
–logging origin-id ip
–logging host ip transport udp port 20514—where ip is the IP address of the Log Collector in your network.
–epm logging
ACS view is meant to process the syslog messages primarily related to AAA and not for processing any syslog messages. ACS is giving a parse failure when receiving syslogs from the device. Only a very specific subset of syslog is supported. Other syslog messages will give errors on ACS.
This feature is not fully operational.
CSCth66621 ACS 5 giving "parse failure" when receiving syslogs
HTH
Regards,
Jatin
Do rate helpful posts~
01-31-2011 05:04 PM
Hello Jatin,
Thanks for the reply,
How do I get the monitoring and reporting page to show data if I don't get the NAD to send logs on port 20514? I can't even configure the UDP port 20514 on the device since there is no option. There is also no fw between the switches and the ACS.
Any idea how to make the monitoring tab show data?
Thanks
01-31-2011 05:21 PM
Why do you want to configure ACS as a syslog server? What kind of logs do you want to see on the ACS being sent by the NAD?
Even if you don't configure the NAD with all those commands, you would be able to see
radius: passed, failed, accounting
tacacs: passed, failed, accounting
And, I think this is what you're looking for, correct? If yes, then for this we don't need to configure those commands.
FYI, I tried all those commands on my router and it did take all except epm logging.
HTH
Rgds, Jatin
Do rate helpful posts~
01-31-2011 05:25 PM
Well, these switches don't accept these commands. The client requires this feature to be able to see authentications passed or failed from the interface. The switch IOS version is 12.1(22). Maybe they don't support these commands.
Thanks
01-31-2011 05:30 PM
That is what I said, normal passed/failed/accounting will always happen as you must have AAA commands.
These commands have been introduced to make ACS a syslog server so that we can only see syslog messages; that's not the case with you.
You will be able to see all those commands using AAA authentication/authorization/accounting commands.
HTH
Regds, Jatin
Do rate helpful posts~
02-01-2011 02:42 AM
Sid,
Did my last reply answer your question? Do you still have any doubt?
Rgds, Jatin
Do rate helpful posts~
02-01-2011 02:45 AM
Hello Jatin,
Yes, that's what I have been trying to do on this router but it won't authenticate. This router has the IOS version that will allow these commands. Once it authenticates then I will know.
Thanks
02-01-2011 05:18 PM
Hello Jatin
This issue has been resolved. There is a known bug in ACS 5.1.0.44 that if you configure clock set on the CLI then the view-logprocessor will not start. You can view this by the command show application status acs. So I had to remove the clock set command and restart ACS. Then it works fine.
Thanks for all your help regarding this issue.