I currently use TACACS+ with ACS to authenticate access to network devices. I also have a local account just in case the ACS servers are unreachable. As it stands now, ACS logs all my TACACS+ sessions. I would like to also log all local logins using the local account.
My probelm is I do not know how to set this up, and also where would i view the logging of these local account logons?
Here is my aaa model
(ignore the dot1x stuff, its for my wired security)
aaa authentication login default group tacacs+ enable
aaa authentication dot1x default group radius
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius
aaa accounting exec default start-stop group tacacs+
Can anyone help with this?