Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
601
Views
0
Helpful
4
Replies

AAA Accounting on Routers

Go to solution
Joshua Engels
Level 1
Level 1

‎09-23-2009 07:36 AM - edited ‎03-10-2019 04:42 PM

Hey guys,

I am looking for some help in setting up my router to where it reports to my CSACS all commands executed by users. For example, I login as the user bbaggins and I make changes to an ACL configuration, is there a way for the commands I typed in to be logged by the ACS?

Thanks for your help.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎09-23-2009 07:42 AM

You need to set up tacacs for that. Here are the commands.

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

Command accounting logs are stored in tacacs administration logs. Also there is a known issue on ver 4.1.1 and we need to apply patch ACS 4.1.1.23.5 to fix the issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des

Patch Name : ACS 4.1.1.23.5 accumulative patch

Regards,

~JG

Do rate helpful posts

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎09-23-2009 07:42 AM

You need to set up tacacs for that. Here are the commands.

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

Command accounting logs are stored in tacacs administration logs. Also there is a known issue on ver 4.1.1 and we need to apply patch ACS 4.1.1.23.5 to fix the issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des

Patch Name : ACS 4.1.1.23.5 accumulative patch

Regards,

~JG

Do rate helpful posts

0 Helpful

Go to solution
Joshua Engels
Level 1
Level 1
In response to Jagdeep Gambhir

‎09-23-2009 07:46 AM

You are the man. I had it setup and didn't realize it was under Administration. Thanks so much for your help.

0 Helpful

Go to solution
Joshua Engels
Level 1
Level 1
In response to Jagdeep Gambhir

‎09-23-2009 07:49 AM

One last question.....

do I need "aaa accounting commands 1 default start-stop group tacacs+" and "aaa accounting commands 15 default start-stop group tacacs"? What for?

0 Helpful

Go to solution
Jagdeep Gambhir
Level 10
Level 10
In response to Joshua Engels

‎09-23-2009 08:14 AM

aaa accounting commands 1 default start-stop group tacacs+

That is to log accounting for Priv 1 command

aaa accounting commands 15 default start-stop group tacacs"

That is to log accounting for Priv 15 command

Regards,

~JG

Do rate helpful posts

0 Helpful
Customers Also Viewed These Support Documents