EasyManua.ls Logo

Dell PowerConnect B-RX - Configuring TACACS+ Accounting

Dell PowerConnect B-RX
1458 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
BigIron RX Series Configuration Guide 95
53-1002253-01
Configuring TACACS and TACACS+ security
4
AAA support for console commands
To enable AAA support for commands entered at the console, enter the following command.
BigIron RX(config)# enable aaa console
Syntax: [no] enable aaa console
NOTES: AAA support for commands entered at the console can include the following:
Login prompt that uses AAA authentication, using authentication-method lists
Exec Authorization
Exec Accounting
System Accounting
Configuring TACACS+ accounting
The device supports TACACS+ accounting for recording information about user activity and system
events. When you configure TACACS+ accounting on a device, information is sent to a TACACS+
accounting server when specified events occur, such as when a user logs into the device or the
system is rebooted.
Configuring TACACS+ accounting for Telnet/SSH (Shell) access
To send an Accounting Start packet to the TACACS+ accounting server when an authenticated user
establishes a Telnet or SSH session on the BigIron RX, and an Accounting Stop packet when the
user logs out.
BigIron RX(config)# aaa accounting exec default start-stop tacacs+
Syntax: aaa accounting exec default start-stop radius | tacacs+ | none
Configuring TACACS+ accounting for CLI commands
You can configure TACACS+ accounting for CLI commands by specifying a privilege level whose
commands require accounting. For example, to configure the BigIron RX to perform TACACS+
accounting for the commands available at the Super User privilege level (that is; all commands on
the device), enter the following command.
BigIron RX(config)# aaa accounting commands 0 default start-stop tacacs+
An Accounting Start packet is sent to the TACACS+ accounting server when a user enters a
command, and an Accounting Stop packet is sent when the service provided by the command is
completed.
NOTE
If authorization is enabled, and the command requires authorization, then authorization is
performed before accounting takes place. If authorization fails for the command, no accounting
takes place.
Syntax: aaa accounting commands <privilege-level> default start-stop radius | tacacs+ | none
The <privilege-level> parameter can be one of the following:
0 – Records commands available at the Super User level (all commands)

Table of Contents

Other manuals for Dell PowerConnect B-RX

Preview: Getting Started Guide
Getting Started Guide32 pages

Related product manuals