07-23-2008 07:53 AM - edited 03-10-2019 03:59 PM
I'm trying to set up AAA accounting for all commands executed on all of my switches. We have a TACACs Server running Cisco ACS v3.1. What commands do I need to enter on my switches for it to send accounting messages to my TACACs server?
07-23-2008 09:45 AM
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
Hope that helps.
07-23-2008 09:52 AM
Thanks,
I will give this a try
07-24-2008 05:48 AM
Also command accounting logs are stored in Tacacs administration report and not in tacacs accounting report.
Regards,
~JG
07-24-2008 06:56 AM
Any configuration on ACS ?
After configure this commands, no messages are generated in my ACS, on Tacacs+ Administration ....
Thanks.
07-24-2008 06:59 AM
If you are running acs 4.1.1 then there is a known issue related to command accounting do not show up.
To fix it you need to apply patch 5 ie 4.1.1 patch 5.
Regards,
~JG
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide