In Tacacs+ accountingcmd argument not coming

Unanswered Question
Nov 29th, 2007

I have deplyed acs appliance 1113 with acsver4.1

commands given are

aaa new-model

aaa authentication username-prompt ACS_FAIL_USE_LOCAL_UserID:

aaa authentication login default group tacacs+ local

aaa authentication enable default group tacacs+ enable

aaa authorization console

aaa authorization config-commands

aaa authorization exec default group tacacs+ local

aaa authorization commands 15 default group tacacs+ local

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

authetication authorixation is done and also works for a part of accounting but it is not showing the cmd and cmd-arg of tacasa+ accounting

the debug aaa accounting is

016097: Nov 29 16:08:45.604 IND: AAA/ACCT/CMD: User manish, Port tty1, Priv 15:

"show running-config <cr>"

016098: Nov 29 16:08:45.604 IND: AAA/ACCT/CMD: Found list "default"

016099: Nov 29 16:08:45.668 IND: AAA/ACCT: user manish, acct type 3 (1816760447)

: Method=tacacs+ (tacacs+)

016100: Nov 29 16:08:46.060 IND: TAC+: (1816760447): received acct response stat

us = SUCCESS

Date Time User-Name Group-Name Caller-Id Acct-Flags elapsed_time service bytes_in bytes_out paks_in paks_out task_id addr NAS-Portname NAS-IP-Address cmd cmd-arg priv-lvl status AAA Server err_msg event-id

11/29/2007 14:43:21 manish Network Administrator 172.16.4.141 stop 137 shell 129 tty6 172.16.4.20 1 DELIVERANCE1

11/29/2007 14:43:35 manish Network Administrator 172.16.4.141 start shell 131 tty6 172.16.4.20 1 DELIVERANCE1

11/29/2007 14:43:39 manish Network Administrator NAS Port re-used 4 131 tty6 172.16.4.20 DELIVERANCE1

11/29/2007 14:46:38 manish Network Administrator 172.16.4.141 start shell 133 tty7 172.16.4.20 1 DELIVERANCE1

11/29/2007 14:46:41 manish Network Administrator NAS Port re-used 3 133 tty7 172.16.4.20 DELIVERANCE1

11/29/2007 14:46:45 manish Network Administrator 172.16.4.141 stop 190 shell 131 tty6 172.16.4.20 1 DELIVERANCE1

11/29/2007 14:50:09 manish Network Administrator 172.16.4.141 start shell 4035 tty1 172.16.4.4 1 DELIVERANCE1

11/29/2007 14:50:24 manish Network Administrator 172.16.4.141 stop 226 shell 133 tty7 172.16.4.20 1 DELIVERANCE1

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
kevin.jones1 Thu, 11/29/2007 - 08:22

there will a well known bug with version 4.1.

go to cisco and download a patch for it. After

you apply the patch, it will work after that.

Jagdeep Gambhir Thu, 11/29/2007 - 09:08

This is a known issue, you need to apply patch ACS 4.1.1.23.5 to fix the issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is availble on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des')">http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des<

Patch Name : ACS 4.1.1.23.5 accumulative patch

That should fix the issue,

Regards,

Jagdeep

Note: If that answers your question, then please mark this thread as resolved, so that others can benefit from it.

manish.gaur Fri, 11/30/2007 - 08:51

Hi

I have acs 1113 and swceen is locked so tell me how to update the paches into it

manish.gaur Sun, 12/02/2007 - 22:27

kevin.jones1 ,jagdeep

Hi please tell me hpw to update these paches in cisco appliance 1113 .

manish.gaur Sun, 12/02/2007 - 22:29

kevin.jones1 ,jagdeep

the url which you told me is not working can you pelase check it and tell me

Actions

This Discussion