Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX Authentication and Accounting

I am using a PIX515E (6.3(3)) and ACS3.1 to authenticate access to a private network using RADIUS and downloadable ACL's.

I would like to log when a user was authenticated and how long the user was accessing the private network. In ACS Reports I can see passed and failed authentications for the user but the user is never shown as being "logged on". Can the PIX be configured to do accounting in this way to let me know when the user was authenticated and when Uauth timed out and de-authenticated the user?

thanks in advance...


Cisco Employee

Re: PIX Authentication and Accounting

I presume you're talking about accounting for VPN connections, correct?

If so, then at the moment the PIX doesn't do this. The next release (v7) coming out later this year will, but unitl then it's not supported, sorry.

The entries in the Passed Authen/Failed Attempts log are simply from the authentication requests. For someone to appear in the Logged-In User list on ACS they have to have accounting enabled for that authentication.

CreatePlease to create content