Restrictions For Configuring Accounting - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
Restrictions for Configuring Accounting
• Enable AAA on the network access server by using the aaa new-modelcommand in global configuration
• Define the characteristics of the RADIUS or TACACS+ security server if RADIUS or TACACS+
Restrictions for Configuring Accounting
• Accounting information can be sent simultaneously to a maximum of only four AAA servers.
• For Service Selection Gateway (SSG) systems, the aaa accounting network broadcast command
Information About Configuring Accounting
Named Method Lists for Accounting
Similar to authentication and authorization method lists, method lists for accounting define the way accounting
is performed and the sequence in which these methods are performed.
Named accounting method lists allow particular security protocol to be designated and used on specific lines
or interfaces for accounting services. The only exception is the default method list (which is named "default").
The default method list is automatically applied to all interfaces except those that have a named method list
explicitly defined. A defined method list overrides the default method list.
A method list is simply a named list describing the accounting methods to be queried (such as RADIUS or
TACACS+), in sequence. Method lists allow one or more security protocols to be designated and used for
accounting, thus ensuring a backup system for accounting in case the initial method fails. Cisco IOS software
uses the first method listed to support accounting; if that method fails to respond, the Cisco IOS software
selects the next accounting method listed in the method list. This process continues until there is successful
communication with a listed accounting method, or all methods defined are exhausted.
The Cisco IOS software attempts accounting with the next listed accounting method only when there is
Note
no response from the previous method. If accounting fails at any point in this cycle--meaning that the
security server responds by denying the user access--the accounting process stops and no other accounting
methods are attempted.
Accounting method lists are specific to the type of accounting being requested. AAA supports seven different
types of accounting:
• Network --Provides information for all PPP, SLIP, or ARAP sessions, including packet and byte counts.
• EXEC --Provides information about user EXEC terminal sessions of the network access server.
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1004
mode.
authorization is issued. For more information about configuring the Cisco network access server to
communicate with the RADIUS security server, see the Configuring RADIUS module. For more
information about configuring the Cisco network access server to communicate with the TACACS+
security server, see the Configuring TACACS+ module.
broadcasts only start-stop accounting records. If interim accounting records are configured using the
ssg accounting interval command, the interim accounting records are sent only to the configured default
RADIUS server.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
