AAA Accounting Report

Unanswered Question
Apr 15th, 2008


I am using Tacacs for AAA accounting.I have customer network NAT behind a single IP address and hence I am getting report from all customer device showing single IP.Based on the logs I cannot identify on which device the command was executed.I cannot use static NAT that is one to one mapping.I want Accouting report to reflect if not the right IP atleast the correct hostname.Now the AAA is showing the hostname of the NAT router and not the actual device.Any help will be appreciated

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rochopra Wed, 04/16/2008 - 07:22

ACS will always pick global address in case of PAT and there will be no workaround if ACS server is on outside.

Consider another instance of ACS in the customers network


consider sending authentication traffic through Ipsec tunnel to ACS, if security is a concern to the client.

: Rohit


This Discussion