Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
842
Views
0
Helpful
4
Replies

Can SNMP traps account for PPPoE users on a router?

Go to solution
csamuelps
Level 1
Level 1

‎03-23-2010 02:38 PM - edited ‎02-21-2020 03:54 AM

For auditing purposes I want to use SNMP traps to account for PPPoE users on a router?  I don't see a way to do this.  Is is possible?  If not, what's the best way to go about this?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
yjdabear
VIP Alumni
VIP Alumni
In response to csamuelps

‎03-24-2010 04:22 PM

"snmp-server enable traps pppoe" doesn't provide that typo of info, nor do I think it should anyway. OTOH, if you configure "aaa accounting" globally or "ppp accounting" per interface, the NAS (your rtr) can report such user info to the AAA (RADIUS  or TACACS) backend: 

rtr# show accounting

Active Accounted actions on tty0, User (not logged in) Priv 1

 Task ID 1, EXEC Accounting record, 00:35:16 Elapsed

 task_id=1 service=shell 

Active Accounted actions on tty33, User ellie Priv 1

 Task ID 16, EXEC Accounting record, 00:00:17 Elapsed

 task_id=16 service=shell 

Active Accounted actions on Interface Async33, User tom Priv 1

 Task ID 17, Network Accounting record, 00:00:13 Elapsed

 task_id=17 service=ppp protocol=ip addr=10.0.0.1

Then it's a matter of instrumenting a solution on the AAA server to alert/report however you want for the auditors. I'd think SNMP trap wouldn't be the first choice as the delivery mechanism in that case, as there're far more straight-forward options on a server.

Alternatively, If you believe such info can be obtained with some show commands on the router itself, and the router supports EEM, I'd suggest seeking a potential EEM-based solution over in the other Network Management forum (https://supportforums.cisco.com/community/netpro/network-infrastructure/network-management), which can certainly generate SNMP trap accordingly.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
yjdabear
VIP Alumni
VIP Alumni

‎03-24-2010 10:53 AM

What do you mean by "account for PPPoE users"? Send a trap every time a PPPoE user signs on or off?

0 Helpful

Go to solution
csamuelps
Level 1
Level 1
In response to yjdabear

‎03-24-2010 11:13 AM

Yes, I'm looking for username, IP address, and time signed on/off.

0 Helpful

Go to solution
yjdabear
VIP Alumni
VIP Alumni
In response to csamuelps

‎03-24-2010 04:22 PM

"snmp-server enable traps pppoe" doesn't provide that typo of info, nor do I think it should anyway. OTOH, if you configure "aaa accounting" globally or "ppp accounting" per interface, the NAS (your rtr) can report such user info to the AAA (RADIUS  or TACACS) backend: 

rtr# show accounting

Active Accounted actions on tty0, User (not logged in) Priv 1

 Task ID 1, EXEC Accounting record, 00:35:16 Elapsed

 task_id=1 service=shell 

Active Accounted actions on tty33, User ellie Priv 1

 Task ID 16, EXEC Accounting record, 00:00:17 Elapsed

 task_id=16 service=shell 

Active Accounted actions on Interface Async33, User tom Priv 1

 Task ID 17, Network Accounting record, 00:00:13 Elapsed

 task_id=17 service=ppp protocol=ip addr=10.0.0.1

Then it's a matter of instrumenting a solution on the AAA server to alert/report however you want for the auditors. I'd think SNMP trap wouldn't be the first choice as the delivery mechanism in that case, as there're far more straight-forward options on a server.

Alternatively, If you believe such info can be obtained with some show commands on the router itself, and the router supports EEM, I'd suggest seeking a potential EEM-based solution over in the other Network Management forum (https://supportforums.cisco.com/community/netpro/network-infrastructure/network-management), which can certainly generate SNMP trap accordingly.

0 Helpful

Go to solution
csamuelps
Level 1
Level 1
In response to yjdabear

‎03-25-2010 10:31 AM

Thanks.  That answers my question.   -Chris

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card