Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
881
Views
0
Helpful
3
Replies

TACACS+

Tuba
Cisco Employee
Cisco Employee

‎10-08-2019 11:00 AM

I want to keep track of the change in ACL in ASA by using TACACS+ accounting, by determining the user, command, time,... 

 

I have the following command in ASA:

 

aaa-server ********* protocol tacacs+

aaa-server ********* (inside) host x.x.x.x

aaa-server ********* (inside) host y.y.y.y

aaa-server ********* (inside) host z.z.z.z

aaa-server ********* (inside) host f.f.f.f

aaa authentication enable console ********* LOCAL

aaa authentication ssh console ********* LOCAL

aaa authentication http console ********* LOCAL

aaa authorization command *********

aaa accounting ssh console *********

 

what configuration should I add in ASA and ACS to enable this feature?

Labels:
0 Helpful
3 Replies 3

Marius Gunnerud
VIP
VIP

‎10-08-2019 01:56 PM

aaa authorization command *********

aaa accounting ssh console *********

these commands enable command and user accounting.  Though I might suggest adding aaa accounting serial ******** incase anyone connects to the console port and makes changes.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Tuba
Cisco Employee
Cisco Employee
In response to Marius Gunnerud

‎10-15-2019 11:47 PM

Can you tell me which is better to use ACL log or TACACS accounting to keep track of changes?

0 Helpful

Marius Gunnerud
VIP
VIP
In response to Tuba

‎10-15-2019 11:51 PM

For changes I would suggest TACACS accounting

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card