Good day all,
I just finished installing a brand new server with ACS 4.1.
When this new ACS 4.1 installation is approved, I will retire my old server that has ACS 3.1.
At this point the only problem that I have with ACS 4.1 is with accounting.
I used a test-router with all the necessary config pointing to my old ACS 3.1. Everything is working fine (authentication and accounting). If I enter a command on the test-router it is log on the ACS 3.1.
Now, if I modify the test-router to point to the new ACS 4.1, the ACS 4.1 will authenticate the test-router properly, but will not log any command I enter in the test-router. I did a capture between the test-router and ACS 4.1 and the test-router is sending accounting statement to ACS 4.1.
There is a lot a different config from ACS 3.1 to 4.1, but as far as I can see the config on both ACS is as similar as possible.
Is there anybody out there that was able to have ACS 4.1 to process accounting properly?
Any idea will help.
Here my config:
aaa authentication login default group tacacs+ local
aaa authentication login NO-AUTH none
aaa authorization exec default group tacacs+ local
aaa authorization commands 1 start-stop group tacacs+
aaa authorization commands 15 start-stop group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs
tacacs-server host 192.168.100.16 key *******
(the above command is the only command that I change for pointing to ACS 3.1 or ACS 4.1)
Please use the following link. There is 4.1 accumulative patch which contains the bug fix.
Dont forget to download the readme text file also.
Rate me if this helps.