[c-nsp] Tacacs+ accounting on ASA/PIX 7.x
Kaj Niemi
kajtzu at basen.net
Wed Jan 23 09:15:58 EST 2008
Hi,
Yes, it's possible to log commands, logins, etc. to the PIX/ASA itself.
aaa accounting command tacacs-group
aaa accounting enable console tacacs-group
aaa accounting ssh console tacacs-group
Available as of 7.0 or so.
Kaj
On Jan 23, 2008, at 13:08, Joseph Jackson wrote:
> Hey all,
>
> I know in the past the pix/asa would not generate account records of
> what
> command were entered on the device. Does anyone know if this has
> changed?
> I've read some docs that talk about accounting traffic that passes
> THROUGH
> the device but not accounting for what commands are entered on the
> device
> from what user, like you get on a IOS router.
>
>
> Thanks
>
> Joseph
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
HTH
Kaj
--
Kaj J. Niemi
<kajtzu at basen.net>
+358 45 63 12000
More information about the cisco-nsp
mailing list