______________________________ > From: [EMAIL PROTECTED] g [mailto:[EMAIL PROTECTED] adius.org] On Behalf Of satish patel > Sent: Thursday, 22 March 2007 17:33 > To: freeradius-users > Subject: freeradius cisco command accounting > > > Dear's > > is there any feature in freeradius provide cisco command accouning means users run command on cisco router and radius provide me command log ?? per users i want to replace my tacace with freeradius > >
Sorry about previous top posted html junk (thank you outlook) No, the cisco devices do not send command logs via radius. I compiled a tacacs server and configured it to handle accounting records. I then used the following to set up aaa on the router: aaa new-model aaa authentication login default group radius local aaa authentication login localauth local aaa authentication ppp default if-needed group radius local aaa authorization exec default group radius local aaa authorization network default group radius local aaa accounting send stop-record authentication failure aaa accounting exec default stop-only group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting network default wait-start group radius aaa accounting system default start-stop group radius tacacs-server host 192.168.0.15 tacacs-server key XXXXXXXX radius-server host 192.168.0.15 auth-port 1812 acct-port 1813 key XXXXXXXX radius-server retransmit 3 radius-server vsa send accounting The tacacs server is avaliable here: http://www.pro-bono-publico.de/projects/ regards, Frank Ranner - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
