Announcement

Collapse
No announcement yet.

Problem in ACS4.1 and user monitorin

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problem in ACS4.1 and user monitorin

    Hi all,
    I have a acs 4.1 and many routers, I set radius protocol between my routers and acs and now I can it, but I need to config routers and acs for this :
    If a user telnet to router I can see all commands whise he type in telnet consol
    for example if User1 authenticated and type en and password and then type show run I can see all his action in ACS log my router config is:


    aaa new-model
    aaa authentication login default group radius local
    aaa authorization exec default group radius local
    aaa authorization network default group radius if-authenticated
    aaa accounting exec default start-stop group radius
    aaa session-id common
    username poweruser privilege 15 password power
    ip radius source-interface Fastethernet0/0
    radius-server host 192.168.1.5 auth-port 1645 acct-port 1646 key test
    radius-server directed-request
    !
    and I select all fields for all logs but I see only start and stop settion
    Could you help me?
    Thanks
    Kamal

  • #2
    Re: Problem in ACS4.1 and user monitorin

    Originally posted by kamal1352 View Post
    Hi all,
    I have a acs 4.1 and many routers, I set radius protocol between my routers and acs and now I can it, but I need to config routers and acs for this :
    If a user telnet to router I can see all commands whise he type in telnet consol
    for example if User1 authenticated and type en and password and then type show run I can see all his action in ACS log my router config is:


    aaa new-model
    aaa authentication login default group radius local
    aaa authorization exec default group radius local
    aaa authorization network default group radius if-authenticated
    aaa accounting exec default start-stop group radius
    aaa session-id common
    username poweruser privilege 15 password power
    ip radius source-interface Fastethernet0/0
    radius-server host 192.168.1.5 auth-port 1645 acct-port 1646 key test
    radius-server directed-request
    !
    and I select all fields for all logs but I see only start and stop settion
    Could you help me?
    Thanks
    Kamal
    No Any Idea?

    Comment


    • #3
      Re: Problem in ACS4.1 and user monitorin

      aaa authentication login default group tacacs+ local
      aaa authorization console
      aaa authorization config-commands
      aaa authorization exec default group tacacs+ local
      aaa authorization commands 15 default group tacacs+ local
      aaa authorization configuration default group tacacs+
      aaa accounting exec default start-stop group tacacs+
      aaa accounting commands 15 default start-stop group tacacs+
      aaa accounting connection default start-stop group tacacs+
      aaa accounting system default start-stop group tacacs+
      aaa session-id common



      tacacs-server host (Your ACS SERVER ip)
      tacacs-server directed-request
      tacacs-server key ?


      I have the mentinoed below config .Try this if can work.



      Cheers
      DT

      Comment

      Working...
      X