From: Leigh Harrison (ccileigh@gmail.com)
Date: Tue Mar 28 2006 - 10:39:48 GMT-3
Hey there Mohamed,
This is from rough memory, but here goes:-
aaa new-model
! For authentication
aaa authentication login default tacacs+
aaa authentication enable default tacacs+
! For logging commands
aaa accounting commands 1 default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
! To define the tacacs server
tacacs-server host 1.2.3.4
tacacs-server key password
And when you edit tac.conf you'll want something along these lines in
there:-
key = "password"
accounting file = /var/www/tacacs.txt
user = leighharrison {
default service = permit
login = cleartext password
}
user = $enab15$ {
login = cleartext enablepassword
You can get the software free from either sourceforge (www.sf.net) or
the cisco anonymous ftp site
Enjoy
LH
Mohamed.N wrote:
> hi LH
> this looks like a gr8 idea..
> can u pls send me the router config and tacacs conf ? it might be painful
> for u,,but pls help me..
> i will also migrate from raidus to tacacs..
> actually i made a plan to upgrade ios which will support that feature i got
> in this mailing list, and really the solution u suggested will make us
> peaceful..
>
> Thanks
> Mohamed.
>
> ----- Original Message -----
> From: "Leigh Harrison" <ccileigh@gmail.com>
> To: "Henk de Tombe" <henk.de.tombe@qi.nl>
> Cc: "'Alexei Monastyrnyi'" <alexeim@orcsoftware.com>; "Petr Lapukhov"
> <petrsoft@gmail.com>; "Mohamed.N" <mohamed_n@sifycorp.com>;
> <ccielab@groupstudy.com>
> Sent: Tuesday, March 28, 2006 2:48 PM
> Subject: Re: cisco 3640 and syslog
>
>
>> Hey there Chaps,
>>
>> These are great features and you probably won't need this, but.....
>>
>> In a network that I was once looking after, I had Tac_Plus running on a
>> server (it was a linux one). It performs all sorts of tacacs and aaa
>> type things. I had it logging user inputted commands to /var/www/ which
>> was the web root. What that meant was, it was logging all of the
>> commands, when and by which user and them displaying them as a web
>> page. Only I knew the url and password ;)
>>
>> Hope that is some food for thought..
>> LH
>>
>> Henk de Tombe wrote:
>>> Hi,
>>>
>>> The two links provided by Petr are the same, he probably means the
> following
>>> links:-)
>>>
>>>
>>> Change notification and logging
>>>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123
>>> t/123t_4/gtconlog.htm
>>>
>>>
>>> Login Enhancements
>>>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123
>>> t/123t_4/gt_login.htm
>>>
>>>
>>> regards,
>>> Henk
>>>
>>>
>>> -----Oorspronkelijk bericht-----
>>> Van: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Namens Alexei
>>> Monastyrnyi
>>> Verzonden: maandag 27 maart 2006 13:14
>>> Aan: Petr Lapukhov
>>> CC: Mohamed.N; ccielab@groupstudy.com
>>> Onderwerp: Re: cisco 3640 and syslog
>>>
>>> good indeed! didn't know about this new feature... thanks!
>>>
>>> on 27/03/2006 13:03 Petr Lapukhov wrote:
>>>
>>>> Okay now, let's be serious :))
>>>>
>>>> You should check out:
>>>>
>>>> Change notification and logging
>>>>
>>>>
>>>>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123
>>> t/123t_4/gtconlog.htm
>>>
>>>> Login Enhancements
>>>>
>>>>
>>>>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123
>>> t/123t_4/gtconlog.htm
>>>
>>>> HTH
>>>> Petr
>>>>
>>>> 27.03.06, Alexei Monastyrnyi <alexeim@orcsoftware.com> NAPISAL(A):
>>>>
>>>>
>>>>> logging trap info
>>>>>
>>>>> and let God help you :-)
>>>>>
>>>>> on 27/03/2006 12:37 Mohamed.N wrote:
>>>>>
>>>>>
>>>>>> Hi all
>>>>>>
>>>>>> Could i configure a cisco router to log all commands, login ,logoff
> into
>>>>>>
>>>>> a
>>>>>
>>>>>
>>>>>> syslog server ?
>>>>>> I am using cisco 3640 and freeradius linux RADIUS server.
>>>>>>
>>>>>> Thanks
>>>>>> Mohamed.
>>>>>> ********** DISCLAIMER **********
>>>>>> Information contained and transmitted by this E-MAIL is proprietary
> to
>>>>>> Sify Limited and is intended for use only by the individual or entity
> to
>>>>>> which it is addressed, and may contain information that is
> privileged,
>>>>>> confidential or exempt from disclosure under applicable law. If this
> is
>>>>>>
>>>>> a
>>>>>
>>>>>
>>>>>> forwarded message, the content of this E-MAIL may not have been sent
>>>>>>
>>>>>>
>>>>> with
>>>>>
>>>>>
>>>>>> the authority of the Company. If you are not the intended recipient,
> an
>>>>>> agent of the intended recipient or a person responsible for
> delivering
>>>>>>
>>>>> the
>>>>>
>>>>>
>>>>>> information to the named recipient, you are notified that any use,
>>>>>> distribution, transmission, printing, copying or dissemination of
> this
>>>>>> information in any way or in any manner is strictly prohibited. If
> you
>>>>>>
>>>>> have
>>>>>
>>>>>
>>>>>> received this communication in error, please delete this mail &
> notify
>>>>>>
>>>>> us
>>>>>
>>>>>
>>>>>> immediately at admin@sifycorp.com
>>>>>>
>>>>>> www.sify.com - your homepage on the internet for news, sports,
> finance,
>>>>>> astrology, movies, entertainment, food, languages etc
>>>>>>
>>>>>>
> _______________________________________________________________________
>>>>>> Subscription information may be found at:
>>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>>>
>>>>>>
> _______________________________________________________________________
>>>>> Subscription information may be found at:
>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:40 GMT-3