urgent -- tacacs accounting

Mohamed Sobair · ‎06-16-2007

Hi All,

I am using tacacs+ for authentication, i already configured the cisco router and enabled accounting for commands to be logged. commands issued at privilege/config modes are being logeed perfectly but commands issued at interface level are not...

Have any one idea about the reason or some one run through the same issue.

I am attaching the configuration applied at cisco router , I would appreciate any feedback,

Best Regards,

JORGE RODRIGUEZ · ‎06-16-2007

The problem might be on your command level. Bellow is a working script we setup in our network which records all commands including interfaces.

aaa new-model

aaa authentication login default group tacacs+ line

aaa authentication login no_tacacs line

authentication enable default group tacacs+ enable

aaa authorization commands 0 default group tacacs+ none

aaa authorization commands 1 default group tacacs+ none

aaa authorization commands 15 default group tacacs+ none

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 0 default stop-only group tacacs+

aaa accounting commands 1 default stop-only group tacacs+

aaa accounting commands 15 default stop-only group tacacs+

aaa accounting system default stop-only group tacacs+

tacacs-server host x.x.x.x

tacacs-server timeout 3

tacacs-server directed-request

tacacs-server key xxxxx

Im sure you have seen docs on this but here is one in case.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_command_reference_chapter09186a00800ca6d9.html#1019013

Hope this helps

Jorge

Jorge Rodriguez