Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Cisco ACS

Hi,

with the following, the switch is working perfectly with what ever i configured in Cisco ACS....

aaa new-model

aaa authentication login default group tacacs+ enable local

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

tacacs-server host 10.203.1.92 key checkingtheswitch

could able to check the report,logged in users, login & logout time, failied authentication & pass authentications, but i couldn't see anything in "TACACS+ Administration" in Cisco ACS, can any one help me in this regard?

The above configuration was good enuf for me, that even if the Cisco ACS is down for any other reason, i could still able to login with the local database on the switch if i use "aaa authorization exec default group tacacs+ if-authenticated"

but still i feel something could be missing, so please suggest me any other commands needs to be added.

3 REPLIES
New Member

Re: Cisco ACS

Did you try adding:

aaa accounting connection default start-stop group tacacs+

Cheers!

Wim

Re: Cisco ACS

thanks for ur reply, but what exactly this command does?

New Member

Re: Cisco ACS

It allows the router to log the commands you do in your Tacacs.

Take a look at http://www.cisco.com/univercd

There's plenty of documantation...

Cheers!

136
Views
0
Helpful
3
Replies
CreatePlease login to create content