Nextelco:ASA aaa

From its-wiki.no
Revision as of 07:55, 19 August 2014 by Igaritano (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Authentication, Authorization & Accounting with ASA

  • Guidelines: ASA can send accounting information to a RADIUS or TACACS+ server about any TCP or UDP traffic that passes through it. If that traffic is also authenticated, then the AAA server can maintain accounting information by username. If the traffic is not authenticated, the AAA server can maintain accounting information by IP address. Accounting information includes when sessions start and stop, username, the number of bytes that pass through the adaptive security appliance for the session, the service used, and the duration of each session. Before you can use this command, you must first designate a AAA server with the aaa-server command. To enable accounting for traffic that is specified by an access list, use the aaa accounting match command. You cannot use the match command in the same configuration as the include and exclude commands. We suggest that you use the match command instead of the include and exclude commands; the include and exclude commands are not supported by ASDM. You cannot use the aaa accounting include and exclude commands between same-security interfaces. For that scenario, you must use the aaa accounting match command.

[1]








Return to Phase 1 page.

Return to Technology page.

Retrieved from "https://its-wiki.no/index.php?title=Nextelco:ASA_aaa&oldid=20763"