03-23-2005 05:45 AM
Is there any way possible to do this? I have my switches and routers logging to a syslog server but generally the only way I know that someone's been in there is the syslog that is generated when they leave configuration mode. I'd really like to be able to log all login attempts, successful or unsuccessful, to the routers and switches.
I'm using RSA/ACE via Radius to authenticate users to the devices.
03-23-2005 12:50 PM
Jason
I do not believe that there is a way to send this information to syslog.
I am accomplishing the same objective at a customer site using aaa accounting. We generate an aaa accounting record to our ACS server for each login so we do have a record of who logged in to any of our routers or switches (and time and date and address from which they logged in). Also our ACS server maintains a record of every failed login attempt. Our ACS server is running tacacs but I assume that the same capabilities are available in radius.
HTH
Rick
03-24-2005 05:02 AM
Thank you Rick. I am using aaa accounting right now for the logins but I'm unable to display that info in my monitoring program, so that's the reason I'm looking for a syslog solution.
I did come up with using an ACL on the VTY's and logging those connections. It's not entirely what I was hoping for but it works.
Jason
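An ACL with the `log` keyword applied to the VTY lines, as described in the last post, produces `%SEC-6-IPACCESSLOGP` syslog messages. As an added example (not part of the original thread), this Python script tallies permitted and denied VTY connection attempts per source address from such lines. It assumes an extended ACL; the ACL number 101, the addresses and the sample log lines are constructed.

```python
import re
from collections import Counter

# Constructed sample lines (addresses, ACL number 101 and timestamps are made up).
SAMPLE = """\
Mar 24 05:10:01 192.0.2.1 45: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.5(1025) -> 192.0.2.1(23), 1 packet
Mar 24 05:12:40 192.0.2.1 46: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.9(40112) -> 192.0.2.1(22), 1 packet
Mar 24 05:17:40 192.0.2.1 47: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.9(40112) -> 192.0.2.1(22), 4 packets
Mar 24 05:20:13 192.0.2.1 48: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.1.1.5)
Mar 24 06:01:55 192.0.2.1 49: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.5(1031) -> 192.0.2.1(22), 1 packet
"""

# Body of an extended-ACL log message: list, action, protocol, src(port) -> dst(port), count.
ACL_HIT = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>tcp|udp) (?P<src>\d+(?:\.\d+){3})\((?P<sport>\d+)\) -> "
    r"(?P<dst>\d+(?:\.\d+){3})\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

def parse_line(line):
    """Return the fields of one ACL log message, or None for any other line."""
    m = ACL_HIT.search(line)
    if not m:
        return None
    hit = m.groupdict()
    hit["dport"] = int(hit["dport"])
    hit["count"] = int(hit["count"])
    return hit

def summarize(text, acl="101", vty_ports=(22, 23)):
    """Count packets per (source, action) for the VTY ACL on Telnet/SSH ports."""
    totals = Counter()
    for line in text.splitlines():
        hit = parse_line(line)
        if hit and hit["acl"] == acl and hit["dport"] in vty_ports:
            totals[(hit["src"], hit["action"])] += hit["count"]
    return totals

def denied_sources(text, acl="101"):
    """Sources that were refused by the VTY ACL at least once."""
    return sorted({src for (src, action) in summarize(text, acl) if action == "denied"})

if __name__ == "__main__":
    for (src, action), packets in sorted(summarize(SAMPLE).items()):
        print(f"{src:15} {action:9} {packets} packet(s)")
    print("denied sources:", denied_sources(SAMPLE))
```

A "permitted" hit only means the ACL allowed the TCP connection to the VTY; whether the login itself succeeded still comes from the AAA accounting records.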