Ok, to be more specific.
I want to log my remote users' VPN connections, i.e. what time they connect,
who connects (username), etc.
This is for audit purposes. I don't need to log admin access or command
changes, merely the VPN users.
On Tue, May 18, 2010 at 3:05 PM, Tyson Scott <tscott_at_ipexpert.com> wrote:
> You are not going to get accounting for authentication for VPN. You will
> get passed and failed attempts. Accounting is not intended for what you are
> trying to do. What is your goal? I am still a little unclear based on your
> first email and the following statements.
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S, Security, and SP
> Technical Instructor - IPexpert, Inc.
> Mailto: tscott_at_ipexpert.com
> Telephone: +1.810.326.1444, ext. 208
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Shaughn Smith
> Sent: Tuesday, May 18, 2010 8:39 AM
> To: Ryan West
> Cc: Cisco certification
> Subject: Re: Cisco ACS 4.2 and ASA
>
> Just to add, I want to view the TACACS+ Auth logs for my remote VPN users,
> not for local Admin access via SSH, console, Telnet.
>
> CCIE # 23962 (SP)
>
> On Tue, May 18, 2010 at 2:00 PM, Shaughn Smith <maniac.smg_at_gmail.com> wrote:
>
> > AAA configuration on the ASA
> >
> > xxxxxxx# sh running-config | include aaa
> > aaa-server TACACS+ protocol tacacs+
> > aaa-server TACACS+ (inside) host xxx.xxx.xxx.xxx
> > aaa authentication telnet console LOCAL
> > aaa authentication http console LOCAL
> > aaa authentication serial console LOCAL
> > aaa authentication ssh console LOCAL
> > aaa accounting enable console TACACS+
> >
> >
> > On Tue, May 18, 2010 at 1:19 PM, Shaughn Smith <maniac.smg_at_gmail.com> wrote:
> >
> >> Should have clarified, I can see entries in the passed and failed logs.
> >>
> >> AAA config coming up
> >>
> >> On Tue, May 18, 2010 at 1:18 PM, Ryan West <rwest_at_zyedge.com> wrote:
> >>
> >>> Can you post your AAA config? Do you see entries in the passed and
> >>> failed auth logs?
> >>>
> >>> Sent from handheld.
> >>>
> >>> On May 18, 2010, at 7:01 AM, "Shaughn Smith" <maniac.smg_at_gmail.com>
> >>> wrote:
> >>>
> >>> > Hi All
> >>> >
> >>> > I have a very strange problem. I am running Cisco ACS 4.2 as well as
> >>> > a 5540 ASA. I have set up TACACS+ auth to the ACS, which is working
> >>> > 100%. However, when I try to view the reports for TACACS+ accounting,
> >>> > the reports are blank. Same goes for TACACS+ Administration.
> >>> >
> >>> > I have seen there were some bugs with ACS 4.1 but haven't been able
> >>> > to find any issues relating to 4.2. Has anyone here seen this before?
> >>> >
> >>> > Thanks
> >>> >
> >>> > CCIE # 23962 (SP)
> >>> >
> >>> >
> >>> > Blogs and organic groups at http://www.ccie.net
> >>> >
> >>> >
> >>> > _______________________________________________________________________
> >>>
> >>>
> >>> > Subscription information may be found at:
> >>> > http://www.groupstudy.com/list/CCIELab.html
Received on Tue May 18 2010 - 15:09:09 ART
This archive was generated by hypermail 2.2.0 : Tue Jun 01 2010 - 07:09:53 ART