Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

[acsv3.1] radius pix accounting

i'm trying to enable pix session accouting. the idea is to define an acl to specify the traffic i wanna look at and then log whatever was done.

for example, i'm using this to log whatever my xauth vpn clients do across the tunnel. now, when i look at the 'passed authentications' link within acs i see everything ok, then i take a look at 'radius accouting' and see everything i'm supposed to, except for, sar, tcp ports, which is exactly what i wanna see.

is this supported? on the 'radius accounting' link i see a field called 'service-type' but it doesn't look like that would be it. anyway, is there anyway to log the flow that's opened by the customer and if so, can i configure acs to send en email when rules are broken?

the config on my pix is:

access-list 110 permit tcp any any

aaa accounting match 110 inside RADIUS

regards,

c.

3 REPLIES
New Member

Re: [acsv3.1] radius pix accounting

Hi Carlos,

This is not possible as of now, we have a bug filed for this issue, CSCdu01327

Thanks

Sujit

New Member

Re: [acsv3.1] radius pix accounting

2 questions:

1.- is this bug part of pixos or acs3.1? not clear in bug info.

2.-if this is an acs3.1 related bug and i just bought 3.1, is there an available (free) upgrade?

regards,

c.

Silver

Re: [acsv3.1] radius pix accounting

Hi,

This is a bug on the PIX OS, not on ACS 3.1. You have the latest version until now.

ACS 3.2 is not out yet.

Thanks,

Mynul

143
Views
0
Helpful
3
Replies