Question about services provided by ACS

Unanswered Question
Oct 2nd, 2007
User Badges:

Hi I have a question in regards to tracking users. My company is looking into getting an ACS server but they also would like to know it is able to track user log on and off and from what location. Is that possible with the ACS? And is the ACS able to access the external networking devices if it is on the inside of the firewall?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Tue, 10/02/2007 - 10:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


We configure our Cisco routers and switches to use ACS for authentication, authorization, and accounting. Our ACS has very nice reporting that shows what user ID, logged in and logged out, and what device it was on and the source address for the access.

Whether the ACS from inside the firewall could access devices outside the firewall would depend on what rules are configured on the firewall. If the firewall rules permit the access then the ACS should be able to access devices outside the firewall.



darpotter Wed, 10/03/2007 - 00:10
User Badges:
  • Silver, 250 points or more

The reporting capabilities of ACS itself are very limited - literally to listing the accounting records and some basic filtering.

If you need management level reports take a look at extraxi aaa-reports! You can import the accounting, passed & failed logs for a whole raft of canned reports including management summaries.

Also, with the query builder you can drill down into the data to look for specific events etc. to create custom reports.

csvsync can collect log files from your ACSs without having to deploy the remote agent.


This Discussion