Configuring Aaa Accounting Default Methods - Cisco Nexus 5000 Series Configuration Manual
Nx-os security configuration guide
Hide thumbs
Also See for Nexus 5000 Series:
- Cli configuration manual (660 pages) ,
- Configuration manual (334 pages) ,
- Command reference manual (196 pages)
Table of Contents
Advertisement
Configuring AAA Accounting Default Methods
Configuring AAA Accounting Default Methods
The Cisco Nexus 5000 Series switch supports TACACS+ and RADIUS methods for accounting. The switches
report user activity to TACACS+ or RADIUS security servers in the form of accounting records. Each
accounting record contains accounting attribute-value (AV) pairs and is stored on the AAA server.
When you activate AAA accounting, the Cisco Nexus 5000 Series switch reports these attributes as accounting
records, which are then stored in an accounting log on the security server.
You can create default method lists defining specific accounting methods, which include the following:.
• RADIUS server group—Uses the global pool of RADIUS servers for accounting.
• Specified server group—Uses a specified RADIUS or TACACS+ server group for accounting.
• Local—Uses the local username or password database for accounting.
If you have configured server groups and the server groups do not respond, by default the local database
Note
is used for authentication.
Before you configure AAA accounting default methods, configure RADIUS or TACACS+ server groups as
needed.
To configure AAA accounting default methods, perform this task:
SUMMARY STEPS
1. switch# configure terminal
2. switch(config)# aaa accounting default {group group-list | local}
3. switch(config)# exit
4. (Optional) switch# show aaa accounting
5. (Optional) switch# copy running-config startup-config
DETAILED STEPS
Command or Action
Step 1
switch# configure terminal
Step 2
switch(config)# aaa accounting
default {group group-list | local}
OL-20919-01
Purpose
Enters configuration mode.
Configures default accounting method. One or more server group names can
be specified in a space separated list.
The group-list argument consists of a space-delimited list of group names.
The group names are of the following:
• radius —Uses the global pool of RADIUS servers for accounting.
• named-group —Uses a named subset of TACACS+ or RADIUS servers
for accounting.
The local method uses the local database for accounting.
Cisco Nexus 5000 Series NX-OS Security Configuration Guide
Configuring AAA
17
Advertisement
Table of Contents
