Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
344
Views
0
Helpful
1
Replies

Cisco FTD - AAA (Accounting only) to extenral radius server

a1181231
Beginner
Beginner

‎05-12-2023 12:12 AM - edited ‎05-12-2023 05:05 AM

Recently, I am trying to migrate AAA accounting setting of cisco firewall from ASA to FTD. In old ASA, I have some commands like.

aaa accounting command PRIVILEGE 15 RADIUS

aaa accounting ssh console RADIUS

aaa accounting serial console RADIUS

aaa accounting enable console RADIUS

However it seems that the CLI is something different in FTD platform?

 

I also checked the managment access page to setup.

a1181231_0-1683874617084.png

a1181231_1-1683874691147.png

The radius server setting only allow authenication and authorization, but no accounting? I mean, if I login by cisco local account, how can I see login log from external server?

I see that the device login/logout log stored locally is what I needed, but there is no button to export it to external radius.

DeviceAdministrationSummary.PNG

Or I should use syslog instead to radius accounting to monitor administrative action?

Thanks.

 

0 Helpful
1 Reply 1