Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

aaa accounting on a pix

Here is my current configuration and the authentication works fine.

aaa-server Auth protocol tacacs+

aaa-server Auth (inside) host XXX.XXX.XXX.XXX Password timeout 5

aaa authentication ssh console Auth

aaa authentication ssh telnet Auth

Now I want to apply accounting to the configuration so that I know what is being changed on the pix (version 6.2) and who is logged on.

aaa accounting include any outbound 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Auth

Accounting is working fine on my switches and routers.

Thanks,

4 REPLIES
Cisco Employee

Re: aaa accounting on a pix

Here is the besy url which talks about "Performing Authentication, Authorization, and Accounting of Users Through PIX Versions 5.2 and Later"

http://www.cisco.com/warp/customer/110/atp52.html

You can refer just accounting part on that url to configure accounting

Silver

Re: aaa accounting on a pix

Seems like you are trying to get accounting for managing the pix, like what commadns the user executes after they telnet/ssh etc.. this feature is not available as of yet on the pix.

aaa accounting include any outbound 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Auth

This command will only do the accounting for the pass-thru traffic, not the activities (commands executed on the pix) done on the pix. I hope this answers your question.

Thanks,

Mynul

New Member

Re: aaa accounting on a pix

Thanks that answers my question. Any idea when it is going to be available?

New Member

Re: aaa accounting on a pix

Hi,

We do not have any dates for this, I would suggest you you contact your account team .

Thanks

Sujit

315
Views
0
Helpful
4
Replies