01-30-2008 10:01 AM - edited 03-10-2019 03:37 PM
I can get a csv file created for a TACACS+ Administration log/report [configured in Interface Logging of the ACS] but that log file is is empty. Help states that aaa accounting commands start-stop TACACS+ must appear in the access server or router configuration file in order to capture this day but my ASA 5520 will only allow;
aaa accounting command <server group> or <privilege>.
How do I get this ASA and Windows ACS to collect TACACS+ administration?
Note: My TACACS+ accounting does collect data on users ssh into the ASA.
01-30-2008 11:10 PM
It's quite possible that you might be experiencing a know bug ( CSCsg97429 ) in ACS version 4.1.
Get this Patch: Acs-4.1.1.23.5-SW.zip. It fixes the TACACS+ Administration log/report problem.
You rigth in regards to the command. It is needed for your NAS to send accounting information to the ACS.
Here's an example of the commands:
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
Hope it helps.
01-31-2008 03:55 PM
That worked on one ASA but I also installed a secondary Authentication utility. I have a second ASA with the new patch loaded but no utility. I will look at it Friday am and see if has entries in the log. If not I will installed the utility. We'll see
02-06-2008 08:32 AM
Did it work eventually.?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide