Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
665
Views
15
Helpful
6
Replies

aaa accounting under acs

bigbrother74
Level 1
Level 1

‎07-20-2007 01:06 AM - edited ‎03-10-2019 03:17 PM

Hi

I use acs 4.1 under "Reports and Activity" -> "TACACS+ Accounting" I can see some start/stop reportings.

But under "Reports and Activity" -> "TACACS+ Administration" I can't see anything...

What do I have to configure at least???

Thanx

bb

Labels:
0 Helpful
6 Replies 6

somishra
Cisco Employee
Cisco Employee

‎07-20-2007 02:10 AM

Hi,

I believe you are hitting a bug. The bug ID is CSCsg97429: TACACS+ Command Accounting does not work in ACS 4.1(1) Build 23.

The patch for bug

CSCsg97429 is ready and files are available on cisco.com.

Hope this helps,

Soumya

elliott.fougman
Level 1
Level 1
In response to somishra

‎07-20-2007 06:48 AM

Ensure you have the relevant config on you routers switches. It should look omething like this

aaa new-model

aaa authentication login default group tacacs+ enable

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ none

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

Hope this helps.

Elliott

0 Helpful

j-mccarthy
Level 1
Level 1
In response to somishra

‎10-02-2007 10:28 PM

Hi,

You guys rock !! This is my first time using this forum and you have solved a problem that had me tearing my hair out and questioning my sanity.

A BIG thank you to Somishra and Jghambir for your responses to this topic.

You are bang on with both the diagnosis and resolution.

0 Helpful

Jagdeep Gambhir
Level 10
Level 10

‎07-20-2007 07:32 AM

BB,

This is a known issue, you need to apply patch ACS 4.1.1.23.5 to fix the issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is availble on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des')">http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des<

Patch Name : ACS 4.1.1.23.5 accumulative patch

That should fix the issue,

Regards,

Jagdeep

Note: If that answers your question, then please mark this thread as resolved, so that others can benefit from it.

Jagdeep Gambhir
Level 10
Level 10
In response to Jagdeep Gambhir

‎07-20-2007 07:34 AM

Also make sure that you apply patch on remote agent else communication between acs and RA will break.

Regards,

~JG

darpotter
Level 5
Level 5
In response to Jagdeep Gambhir

‎07-22-2007 10:57 PM

If you encounter problems with the remote agent take a look at extraxi csvsync. This uses http to collect CSVs in bulk via CSAdmin and as such requires no agents or dedicated servers.

www.extraxi.com/csvsync.htm

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents