01-04-2013 10:38 PM - edited 03-10-2019 07:56 PM
Hello,
With TACACS+ we can have (TACACS+ Administration) Logfile on ACS that shows users activity. but with radius there is no such logfile to show usres activity. i want to know is anyother way how to check users activity while using radius-server ?
Regards,
01-05-2013 12:06 PM
Favorite Reports > RADIUS Authentications - Today
01-05-2013 07:31 PM
Sorry, but there is no Favorite-Reports>RADIUS Auth option. I'm using ACS 4.2
01-05-2013 09:16 PM
Hi Imran,
Hope you are refering to Radius Authentication Logs here..
For ACS 4.2 go to Report and Activity --> Passed Authentication or Failed Authentication to see the Radius Logs.
Also please be aware that in order to see these logs you need to ensure that Logging in enabled on the System Configuration--> Logging as below using the ticking CSV.
Hope this helps
Regards
Najaf
Please rate when applicable or helpful !!!
01-05-2013 10:42 PM
Hello Najaf,
What you are indecating is authentication, that logfile only shows Authenticated Users, But not thier activities. I want to view what the users are doing? which sources they are accessing ...any other activities...etc
Example- with Tacacs+ Server- it is possible to veiw what commands the user enters.....
01-05-2013 11:53 PM
Hi Waheed,
I now understand what you are looking for..But unfortunately Radius does not provide this function :-(
Even though Radius and TACACS+ are main protocol typically used for AAA services on network devices, RADIUS was designed to authenticate and log dial-up remoe users to a network and TACACS+ is used mostly commonly for administrator access to network devices.
RADIUS doesn't log the commands used by the administrator. It will only log the start,stop,time/date, username, type of connection, amount of time logged in, and bytes transferred. The TACACS+ protocol was developed to resolve these issues. With TACACS+ each command enter by the user is sent back to ACS for authorization, which then check the command against an authorized list of commands for each user or group.
In short RADIUS does not offer any command logging and hence you will not be able to see them on any report like what you are seeing for TACACS
Hope this helps.
Regards
Najaf
Please rate when applicable or helpful !!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide