RackSwitch G8000: Application Guide
Accounting
Accounting is the action of recording a user's activities on the device for the
purposes of billing and/or security. It follows the authentication and authorization
actions. If authentication and authorization are not performed via TACACS+, no
TACACS+ accounting messages are sent out.
You can use TACACS+ to record and track software login access, configuration
changes, and interactive commands.
The G8000 supports the following TACACS+ accounting attributes:
• protocol (console/Telnet/SSH/HTTP/HTTPS)
• start_time
• stop_time
• elapsed_time
• disc_cause
Note: When using the Browser-Based Interface, the TACACS+ Accounting Stop
records are sent only if the Logout button on the browser is clicked.
Command Authorization and Logging
When TACACS+ Command Authorization is enabled, N/OS configuration
commands are sent to the TACACS+ server for authorization. Use the following
command to enable TACACS+ Command Authorization:

RS G8000(config)# tacacs-server command-authorization

When TACACS+ Command Logging is enabled, N/OS configuration commands are
logged on the TACACS+ server. Use the following command to enable TACACS+
Command Logging:

RS G8000(config)# tacacs-server command-logging

The following examples illustrate the format of N/OS commands sent to the
TACACS+ server:

authorization request, cmd=shell, cmd-arg=interface ip
accounting request, cmd=shell, cmd-arg=interface ip
authorization request, cmd=shell, cmd-arg=enable
accounting request, cmd=shell, cmd-arg=enable

Configuring TACACS+ Authentication on the Switch
1. Configure the IPv4 addresses of the Primary and Secondary TACACS+
servers, and enable TACACS authentication.

RS G8000(config)# tacacs-server primary-host 10.10.1.1
RS G8000(config)# tacacs-server secondary-host 10.10.1.2
RS G8000(config)# tacacs-server enable

Note: You can use a configured loopback address as the source address so the
TACACS+ server accepts requests only from the expected loopback
address block. Use the following command to specify the loopback interface:

RS G8000(config)# ip tacacs source-interface loopback <1-5>
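
The following is an added example, not part of the guide or of N/OS. It audits the "authorization request" / "accounting request" records shown on this page by pairing each accounting record with an earlier authorization request for the same command. It assumes the TACACS+ server's records have been exported as text lines in exactly the format printed above (real server log formats vary); the sample lines and function names are constructed for illustration.

```python
import re
from collections import Counter

# Record format as printed in this guide:
#   "<authorization|accounting> request, cmd=<service>, cmd-arg=<command>"
RECORD = re.compile(r"^(authorization|accounting) request, cmd=(\S+), cmd-arg=(.+)$")

def parse_record(line):
    """Return (kind, cmd, cmd_arg), or None if the line is not in the guide's format."""
    m = RECORD.match(line.strip())
    return (m.group(1), m.group(2), m.group(3).strip()) if m else None

def audit(lines):
    """Pair accounting records with earlier authorization requests (assumes ordered input)."""
    pending = Counter()            # authorization requests not yet matched
    no_authz, unparsed = [], []
    for n, line in enumerate(lines, 1):
        rec = parse_record(line)
        if rec is None:
            if line.strip():
                unparsed.append((n, line))
            continue
        kind, cmd, arg = rec
        if kind == "authorization":
            pending[(cmd, arg)] += 1
        elif pending[(cmd, arg)] > 0:
            pending[(cmd, arg)] -= 1
        else:
            # Command was logged but never sent for authorization: check that
            # command-authorization is enabled on the switch that sent it.
            no_authz.append((n, arg))
    # Authorization with no accounting record: the command may have been denied,
    # or command-logging is not enabled on that switch.
    no_acct = sorted(arg for (_, arg), c in pending.items() for _ in range(c))
    return {"accounted_without_authz": no_authz,
            "authz_without_accounting": no_acct,
            "unparsed": unparsed}

# Constructed sample records in the guide's format (not real server output).
SAMPLE = [
    "authorization request, cmd=shell, cmd-arg=enable",
    "accounting request, cmd=shell, cmd-arg=enable",
    "authorization request, cmd=shell, cmd-arg=interface ip",
    "accounting request, cmd=shell, cmd-arg=interface ip",
    "accounting request, cmd=shell, cmd-arg=tacacs-server enable",
    "authorization request, cmd=shell, cmd-arg=interface ip",
]

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(key, value)
```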