Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
432
Views
0
Helpful
1
Replies

Logging certificate authentication

patrickdonlon
Level 1
Level 1

‎04-27-2012 01:15 AM

We have a solution where user vpn to a router and use cert's for authentication. This works fine but there is no record of who's logged in and for how long, what's the best practice for logging the accounting information?

Labels:
0 Helpful
1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎04-27-2012 01:38 AM

RADIUS accounting is your best choice. 

R3(config)#crypto isakmp profile PRO
% A profile is deemed incomplete until it has match identity statements
R3(conf-isa-prof)#?
Crypto ISAKMP Profile Commands are:
  accounting        Enable AAA Accounting for IPSec Sessions

or 

R3(config)#crypto map MAP client accounting list ?
  WORD  Named accounting list.

HTH,

M.

0 Helpful
Customers Also Viewed These Support Documents