Good day all,

I just finished installing a brand new server with ACS 4.1.

When this new ACS 4.1 installation is approved, I will retire my old server that has ACS 3.1.

At this point the only problem that I have with ACS 4.1 is with accounting.

For example:

I used a test-router with all the necessary config pointing to my old ACS 3.1. Everything is working fine (authentication and accounting). If I enter a command on the test-router it is log on the ACS 3.1.

Now, if I modify the test-router to point to the new ACS 4.1, the ACS 4.1 will authenticate the test-router properly, but will not log any command I enter in the test-router. I did a capture between the test-router and ACS 4.1 and the test-router is sending accounting statement to ACS 4.1.

There is a lot a different config from ACS 3.1 to 4.1, but as far as I can see the config on both ACS is as similar as possible.

Is there anybody out there that was able to have ACS 4.1 to process accounting properly?

Any idea will help.

Thanks

Frank

Here my config:

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication login NO-AUTH none

aaa authorization exec default group tacacs+ local

aaa authorization commands 1 start-stop group tacacs+

aaa authorization commands 15 start-stop group tacacs+

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs

!

tacacs-server host 192.168.100.16 key *******

(the above command is the only command that I change for pointing to ACS 3.1 or ACS 4.1)

tacacs-server directed-request