Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

authentication authorization acouting of the users for mail, ftp,web server

hi,

please tell me can we use the ACS server for outside and inside users of the corporate to authenticate authorize and accoun to access the FTP ,web and SMTP corporate server,

please tell me how.

e.g. a user is accessign the ftp server can we authnticate,authorize ,accounte the user and what he did.

Thanks

Manish Gaur

4 REPLIES
Community Member

Re: authentication authorization acouting of the users for mail,

Community Member

Re: authentication authorization acouting of the users for mail,

hii premdeep

thanks for pix

can we do the (aaa)same with the cisco router if aaa is running on the cisco router and can check for the users of inside network as well as the users coming from the outside to inside.

thanks

Manish Gaur

Community Member

Re: authentication authorization acouting of the users for mail,

Yes why not....

Be it normal adminstrative user to log into router/switch or whetehr you have configured VPN on your router, every user will be authenticated, if required authorized using aaa commands and you can even account when they logged in and when they logged out, and other then VPN connections in major cases you ca n even accont for what they did, best example would be with TACACS+ for accounting commands ran by users on device after logging in.

For basic understanding, go through following link :

http://www.cisco.com/en/US/customer/tech/tk59/technologies_tech_note09186a0080093c81.shtml

CAUTION : If you are doing aaa for first time on router/switch, make sure console is not under aaa watch. create a named list and apply it on console.

aaa authentication login no_console default none

line con 0

login authentiation no_console

After this play with AAA commands, when stuck use console to get back in and reset/reconfigure as required.

Make a search for AAA on Cisco, you'll find many documents :)

Re: authentication authorization acouting of the users for mail,

Hi,

Before you can get authentication & accounting log/activities in your ACS, you need to add the network device(s) as AAA Client in ACS.

Refer to the 'AAA Client Configuration' in http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a0080102178.html.

The above guide is similar to all ACS versions.

Rgds,

AK

192
Views
0
Helpful
4
Replies
CreatePlease to create content