ACS config Problem

Unanswered Question
Apr 21st, 2008

I have an ACS Solution Engine. I made an NDG on ACS and added an AAA server and AAA client. I also made a user in default group 1. The same user exists in the router local database, just to be on the safe side. But I am not able to see any activity in the ACS reporting window, and I am not able to see any logged-in user in ACS.


The following is the configuration that I did on ACS engine and router



aaa authentication login default group tacacs+ local

aaa authorization exec authorization group tacacs+ local

aaa accounting commands 15 accounting start-stop group tacacs+

username cisco password cisco123


tacacs-server host 172.28.31.132

tacacs-server key <tacacs-shared-key>

ip tacacs source-interface gig 0/1

username cisco password cisco123






Jagdeep Gambhir Mon, 04/21/2008 - 13:32

You mean you can authenticate fine but do not see any command accounting? If that is the case, then please note that command accounting logs are stored in the TACACS administration logs.


Also there is a known issue on ver 4.1.1 and we need to apply patch ACS 4.1.1.23.5 to fix the command accounting issue.


Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des


Patch name : ACS SE 4.1.1.23.5 accumulative patch


Patch for acs windows is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des


Patch Name : ACS 4.1.1.23.5 accumulative patch


That should fix the issue.


Regards,

~JG

wasiimcisco Mon, 04/21/2008 - 16:30

But I am not able to see complete logging of all the commands that I am using during the session. I configured the following things on the router:



aaa new-model

aaa authentication login default group radius local

aaa authorization exec authorization group radius

aaa accounting commands 15 accounting start-stop group radius

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop group radius



radius-server host 172.28.31.132

radius-server key waridtel0321

ip radius source-interface gig 0/1


Please tell me how I can see which activities the user has performed during the session, with the details of each command.


Can I use TACACS for authentication and RADIUS for accounting? I tried it but it didn't work for me.


Please guide me, I will be very grateful to you.


In the TACACS accounting CSV file, it shows me only the login time, user ID and service shell. I want to see the details of the commands that the user has used during the session.


I have attached both CSV files that I got when trying with TACACS and RADIUS for accounting.




Jagdeep Gambhir Tue, 04/22/2008 - 06:52

Command accounting is only possible via TACACS and not RADIUS.


So you need to use TACACS, and these logs would be logged in the TACACS administration logs.



Regards,

~JG


Do rate helpful posts
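
An added example, not part of the original thread and not Cisco tooling: a small Python check that flags the condition the answers describe (command accounting with no TACACS+ method) and, as an extra check based on how IOS handles named method lists, lists that are defined but never applied under a line. The function name `audit_aaa` is hypothetical, and the sample is the thread's RADIUS configuration with a placeholder key and an assumed `line vty` stanza.

```python
import re

# Constructed sample: the RADIUS-based config from the thread, with a
# placeholder key and an assumed "line vty" stanza (not shown in the thread).
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login default group radius local
aaa authorization exec authorization group radius
aaa accounting commands 15 accounting start-stop group radius
aaa accounting exec default start-stop group radius
aaa accounting network default start-stop group radius
radius-server host 172.28.31.132
radius-server key <radius-shared-key>
line vty 0 4
 transport input ssh
"""

AAA_RE = re.compile(r"^aaa (authorization|accounting) (commands \d+|exec|network) (\S+) (.+)$")
LINE_RE = re.compile(r"^(authorization|accounting) (commands \d+|exec) (\S+)$")

def audit_aaa(config: str) -> list[str]:
    """Return findings explaining why command accounting records may be missing."""
    findings, named, applied = [], [], set()
    for raw in config.splitlines():
        line = raw.strip()
        m = AAA_RE.match(line)
        if m:
            kind, service, name, methods = m.groups()
            # Only the built-in "tacacs+" group is recognised here; custom
            # server-group names are not resolved.
            if (kind == "accounting" and service.startswith("commands")
                    and "tacacs+" not in methods.split()):
                findings.append(f"command accounting list '{name}' has no tacacs+ "
                                "method; only TACACS+ carries per-command records")
            if name != "default":
                named.append((kind, service, name))
        elif raw.startswith(" ") and (m2 := LINE_RE.match(line)):
            applied.add(m2.groups())  # list referenced under a line stanza
    for kind, service, name in named:
        if (kind, service, name) not in applied:
            findings.append(f"{kind} {service} list '{name}' is not applied "
                            "under any line, so it is never used")
    return findings

if __name__ == "__main__":
    for finding in audit_aaa(SAMPLE_CONFIG):
        print("-", finding)
```
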



