cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
578
Views
0
Helpful
4
Replies

AAA Accounting on Routers

Joshua Engels
Level 1
Level 1

Hey guys,

I am looking for some help in setting up my router to where it reports to my CSACS all commands executed by users. For example, I login as the user bbaggins and I make changes to an ACL configuration, is there a way for the commands I typed in to be logged by the ACS?

Thanks for your help.

1 Accepted Solution

Accepted Solutions

Jagdeep Gambhir
Level 10
Level 10

You need to set up tacacs for that. Here are the commands.

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

Command accounting logs are stored in tacacs administration logs. Also there is a known issue on ver 4.1.1 and we need to apply patch ACS 4.1.1.23.5 to fix the issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des

Patch Name : ACS 4.1.1.23.5 accumulative patch

Regards,

~JG

Do rate helpful posts

View solution in original post

4 Replies 4

Jagdeep Gambhir
Level 10
Level 10

You need to set up tacacs for that. Here are the commands.

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

Command accounting logs are stored in tacacs administration logs. Also there is a known issue on ver 4.1.1 and we need to apply patch ACS 4.1.1.23.5 to fix the issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des

Patch Name : ACS 4.1.1.23.5 accumulative patch

Regards,

~JG

Do rate helpful posts

You are the man. I had it setup and didn't realize it was under Administration. Thanks so much for your help.

One last question.....

do I need "aaa accounting commands 1 default start-stop group tacacs+" and "aaa accounting commands 15 default start-stop group tacacs"? What for?

aaa accounting commands 1 default start-stop group tacacs+

That is to log accounting for Priv 1 command

aaa accounting commands 15 default start-stop group tacacs"

That is to log accounting for Priv 15 command

Regards,

~JG

Do rate helpful posts

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: