In this step, we can configure accounting on Router1 using AAA. Enter privilege EXEC mode either via console or Telnet as cisco15.
If a TACACS+ server is not available, the results will not be stored but recording will occur.
Enter the following configurations on the router R1:
Router1(config)#aaa accounting exec default start-stop group tacacs+
Router1(config)#aaa accounting commands 15 default start-stop group tacacs+
Router1(config)#aaa accounting network default start-stop group tacacs+
Router1(config)#aaa accounting connection default start-stop group tacacs+
Router1(config)#aaa accounting system default start-stop group tacacs+
The following is a brief description of each of the command options:
Option | Result |
aaa | Enables a AAA command |
accounting | Enables accounting or tracking a feature of AAA |
exec | Monitors EXEC commands on the device |
commands 15 | Monitors commands by privilege level 15 users, can be 0 to 15 |
network | Monitors network services like PPP, ARAP |
connection | Monitors outbound Telnet, rlogin sessions |
system | Monitors system events like reload, shutdown |
start-stop | Includes both Start and Stop recordings |
default | Uses the default list instead of a custom list |
group | Uses a group of servers like primary and secondary |
tacacs+ | Uses the TACACS+ server |
On Router1, enable debugging on the AAA accounting services on the router:
Router1#debug aaa accounting
AAA Accounting debugging is on
Using Host A once more, Telnet into the router using the cisco15 account. Once connected, issue some basic commands like show running-config. Next, return to the console session and notice that the router displays in-depth details of the AAA accounting transactions taking place on the router itself. This is due to debugging the AAA accounting services on the router:
02:08:59: AAA/ACCT/CMD: User cisco15, Port tty2, Priv 15:"show running-config cr"
02:08:59: AAA/ACCT/CMD: Found list "default"
02:08:59: AAA/ACCT: user cisco15, acct type 3 (3901449983):
Method=tacacs+ (tacacs+)
02:09:20: AAA/ACCT/CMD: User cisco15, Port tty2, Priv 15:"copy running-config startup-config cr"
02:09:20: AAA/ACCT/CMD: Found list "default"
02:09:20: AAA/ACCT: user cisco15, acct type 3 (2545785330):
Method=tacacs+ (tacacs+)