Appendix K Router Platform User Interface Reference

 

 

 

AAA Policy Page

 

 

 

Field Reference

Table K-42

Command Accounting Dialog Box

 

 

 

 

 

Element

 

Description

 

 

 

 

 

Privilege Level

 

The privilege level for which you want to define a command accounting list.

 

 

 

Valid values range from 0 to 15.

 

 

 

 

Generate Accounting

Defines when the device sends an accounting notice to the accounting server:

 

Records for

 

Start and Stop—Generates accounting records at the beginning and the

 

 

 

 

 

 

end of the user process. The user process begins regardless of whether

 

 

 

the accounting server receives the “start” accounting record.

 

 

 

Stop Only—Generates an accounting record at the end of the user

 

 

 

process only.

 

 

 

None—No accounting records are generated.

 

 

 

 

Prioritized Method List

Defines a sequential list of methods to be used when creating accounting

 

 

 

records for a user. Enter the names of one or more AAA server group objects

 

 

 

(up to four), or click Select to display an Object Selectors, page F-593. Use

 

 

 

the up and down arrows in the object selector to define the order in which the

 

 

 

selected server groups should be used.

 

 

 

The device tries initially to perform accounting using the first method in the

 

 

 

list. If that method fails to respond, the device tries the next method, and so

 

 

 

on, until a response is received.

 

 

 

If the AAA server group you want is not listed, click the Create button in the

 

 

 

selector to display the AAA Server Group Dialog Box, page F-12. From here

 

 

 

you can define a AAA server group object.

 

 

 

TACACS+ is the only supported method, but you can select multiple AAA

 

 

 

server groups configured with TACACS+.

 

 

 

Note If you select None as a method, it must appear as the last method in

 

 

 

the list.

 

 

 

 

Enable Broadcast to

When selected, enables the sending of accounting records to multiple AAA

 

Multiple Servers

 

servers. Accounting records are sent simultaneously to the first server in

 

 

 

each AAA server group defined in the method list. If the first server is

 

 

 

unavailable, failover occurs using the backup servers defined within that

 

 

 

group.

 

 

 

When deselected, accounting records are sent only to the first server in the

 

 

 

first AAA server group defined in the method list.

 

 

 

 

 

 

 

 

 

 

User Guide for Cisco Security Manager 3.2

 

 

 

 

 

 

 

 

OL-16066-01

 

 

 

K-97

 

 

 

 

Page 96 Page 98
Page 97
Image 97
Cisco Systems OL-16066-01 appendix Server groups configured with TACACS+
Page 96 Page 98
Top Page Image Contents