Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

AAA Accounting with IAS

I have a PIX firewall V6.3 and a Windows 2000 IAS to authenticate VPN(Client Cisco V 4)users by a Group.

The authentication works fine, but I like to use the accounting to log the user logs on and logs off. Right know it only logs when they connect, but dose not shows them logging off.

Here is my AAA config

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

aaa-server LOCAL protocol local

aaa-server RADIUS protocol radius

aaa-server RADIUS (inside) host X.X.X.X ******* timeout 5

3 REPLIES
Bronze

Re: AAA Accounting with IAS

If you want to account bothe the login and log off, you can use the start-stop command.

An example of that command is

(conf)#aaa accounting exec default start-stop group radius.

Thean apply this to the interface or line required.

If you want some more detailed information, then send me ur current accounting and authorization configuration.

New Member

Re: AAA Accounting with IAS

Hi, i'm having the same problem as the topic starter. I tried your suggestion using aaa accounting exec, but PIX OS does not support that command.

I tried finding your email adress but it is not listed in your profile. Maybee you can constact me at servicedesk (at) lafarge (dot) nl

New Member

Re: AAA Accounting with IAS

I got this finally running on PIX os 7.04. You need to modify the tunnel-group general settings. You need to add accounting-server-group

See the command reference http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_book09186a0080484fe1.html

350
Views
0
Helpful
3
Replies
CreatePlease to create content