I have set up a proxy distribution table in my Cisco ACS v4.2 (patch 6).
I have two types of users: Suppliers (external) and TI users (internal). They connect to our Internal Network by a VPN SSL connection (AEP Netilla box).
This box has 2 realms. One for suppliers, another for TI users.
The aim is that:
* Suppliers connect through the Netilla box, which forwards the authentication (RADIUS Authentication) to the ACS, which forwards the request to an RSA server.
* TI users connect through the Netilla box, which forwards the request (RADIUS Authentication) to the ACS, which checks the Active Directory.
=> It's working perfectly.
The problem is that I have no logs from the ACS box about the suppliers who are forwarded to the RSA server. If possible, I want to know which users try to connect, whether they are permitted (or not) and possibly how many times they connected.
The problem is the Netilla box doesn't have RADIUS Accounting.
I was hoping that the ACS logs these kinds of connections. (It's working for users, TI users, authenticated by the Active Directory.)
Is it possible that the ACS only forwards the request without paying attention to what is forwarded (except removing the Character String)?
Is there another way to do what I'm talking about?
See my Visio attachment.
Thanks in advance for your attention,