cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
897
Views
0
Helpful
1
Replies

urgent -- tacacs accounting

Mohamed Sobair
Level 7
Level 7

Hi All,

I am using tacacs+ for authentication, i already configured the cisco router and enabled accounting for commands to be logged. commands issued at privilege/config modes are being logeed perfectly but commands issued at interface level are not...

Have any one idea about the reason or some one run through the same issue.

I am attaching the configuration applied at cisco router , I would appreciate any feedback,

Best Regards,

1 Reply 1

JORGE RODRIGUEZ
Level 10
Level 10

The problem might be on your command level. Bellow is a working script we setup in our network which records all commands including interfaces.

aaa new-model

aaa authentication login default group tacacs+ line

aaa authentication login no_tacacs line

authentication enable default group tacacs+ enable

aaa authorization commands 0 default group tacacs+ none

aaa authorization commands 1 default group tacacs+ none

aaa authorization commands 15 default group tacacs+ none

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 0 default stop-only group tacacs+

aaa accounting commands 1 default stop-only group tacacs+

aaa accounting commands 15 default stop-only group tacacs+

aaa accounting system default stop-only group tacacs+

tacacs-server host x.x.x.x

tacacs-server host x.x.x.x

tacacs-server host x.x.x.x

tacacs-server timeout 3

tacacs-server directed-request

tacacs-server key xxxxx

Im sure you have seen docs on this but here is one in case.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_command_reference_chapter09186a00800ca6d9.html#1019013

Hope this helps

Jorge

Jorge Rodriguez
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: