Cisco Support Community
Community Member

Question about services provided by ACS

Hi I have a question in regards to tracking users. My company is looking into getting an ACS server but they also would like to know it is able to track user log on and off and from what location. Is that possible with the ACS? And is the ACS able to access the external networking devices if it is on the inside of the firewall?

Hall of Fame Super Gold

Re: Question about services provided by ACS


We configure our Cisco routers and switches to use ACS for authentication, authorization, and accounting. Our ACS has very nice reporting that shows what user ID, logged in and logged out, and what device it was on and the source address for the access.

Whether the ACS from inside the firewall could access devices outside the firewall would depend on what rules are configured on the firewall. If the firewall rules permit the access then the ACS should be able to access devices outside the firewall.




Re: Question about services provided by ACS

The reporting capabilities of ACS itself are very limited - literally to listing the accounting records and some basic filtering.

If you need management level reports take a look at extraxi aaa-reports! You can import the accounting, passed & failed logs for a whole raft of canned reports including management summaries.

Also, with the query builder you can drill down into the data to look for specific events etc. to create custom reports.

csvsync can collect log files from your ACSs without having to deploy the remote agent.

CreatePlease to create content