Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
409
Views
0
Helpful
2
Replies

accounting for VPN access through a PIX

dcoswald
Level 1
Level 1

‎04-16-2002 05:36 AM - edited ‎02-21-2020 11:41 AM

I am trying to get accounting working for my users who connect to my PIX with the VPN3000 client. The users are authenticated using tacacs to mu ACS server. I want to include accounting. Here is what I use for authentication

aaa-server vpnauth protocol tacacs+

aaa-server vpnauth (inside) host 192.168.20.4 secret timeout 20

crypto map CanadaMap client authentication vpnauth

When I add the following line I still do not get any accounting information.

aaa accounting include any inbound 0 0 0 0 vpnauth

Any ideas ??

Labels:
0 Helpful
2 Replies 2

ciscomoderator
Community Manager
Community Manager

‎04-23-2002 04:54 PM

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

0 Helpful

xantic
Level 1
Level 1

‎07-31-2002 10:16 PM

Hello,

Its the bug with the Cisco Secure ACS v 3.0. Here's the solution given on the Cisco web site:-

Symptom:

In CSNT 3.0, tacacs+ accounting packets are being logged in the

tacacs+ administration logs instead of tacacs+

accounting logs for some devices such as the pix & switch.

Workaround:

To make CSNT 3.0 work like previous versions,

stop CSNT services, back up the registry, & run regedit to

make the changes below:

HKEY_LOCAL_MACHINE\SOFTWARE\CiscoAAAv3.0\CSLOG\Loggers\CSV TACACS+

Accounting filter=preV3_tacacsAccountingFilter

HKEY_LOCAL_MACHINE\SOFTWARE\CiscoAAAv3.0\CSLOG\Loggers\CSV TACACS+

Administration=preV3_tacacsAdminFilter

Then restart the services.

Cheers,

Ramesh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents