[c-nsp] Accounting VPN PIX and ACS
Drikus Brits
Drikus.Brits at is.co.za
Wed Nov 5 11:17:40 EST 2008
Hi,
I'm assuming that you have already setup accounting to be pushed thru to
your ACS ?
On your acs you can selectively choose what you want to log.
Essentially, you can use either RADIUS or TACACS+ to log your accounting
packets. I'd prefer the Radius method though, especially since it is for
remote access usage.
Your setup shouldn't change much, apart from you changing to RADIUS
instead of TACACS+. As long as your keys on the ACS & PIX is the same ,
you should get Authentication & Accounting logs.
Do you still need docs on how to change these and set it up ?
Regards,
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of omar parihuana
Sent: Tuesday, November 04, 2008 9:22 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Accounting VPN PIX and ACS
Hi List,
I'm facing a trouble, I have a PIX and one ACS 3.3. The pix act like VPN
concetrator for the clients (Windows Based - Cisco VPN Client) and ACS
like
authenticator I'm using TACACS+. All were working well. But now my boss
said: We need to get the VPN usage so I need:, who? when? and how
long...?
were connected... please could you provide me some suggestions, some
samples, or docs... maybe to change to RADIUS? or is it possible with
TACACS+?
Rgds.
--
Omar E.P.T
-----------------
Certified Networking Professionals make better Connections!
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Please note: This email and its content are subject to the disclaimer as displayed at the following link http://www.is.co.za/legal/E-mail+Confidentiality+Notice+and+Disclaimer.htm. Should you not have Web access, send a mail to disclaimers at is.co.za and a copy will be emailed to you.
More information about the cisco-nsp
mailing list