Reference Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4820T

681

682

683

684

685

686

687

688

689

690

– default | name: enter the name of a list of accounting methods.

– start-stop: use for more accounting information, to send a start-accounting notice at the beginning of

the requested event and a stop-accounting notice at the end.

– wait-start: ensures that the TACACS+ security server acknowledges the start notice before granting

the user's process request.

– stop-only: use for minimal accounting; instructs the TACACS+ server to send a stop record accounting

notice at the end of the requested user process.

– tacacs+: designate the security service. Currently, FTOS supports only TACACS+.

Suppressing AAA Accounting for Null Username Sessions

When you activate AAA accounting, the FTOS software issues accounting records for all users on the system, including

users whose username string, because of protocol translation, is NULL.

An example of this is a user who comes in on a line where the AAA authentication login method-list none

command is applied. To prevent accounting records from being generated for sessions that do not have usernames

associated with them, use the following command.

• Prevent accounting records from being generated for users whose username string is NULL.

CONFIGURATION mode

aaa accounting suppress null-username

Configuring Accounting of EXEC and Privilege-Level Command Usage

The network access server monitors the accounting functions defined in the TACACS+ attribute/value (AV) pairs.

• Configure AAA accounting to monitor accounting functions defined in TACACS+.

CONFIGURATION mode

aaa accounting system default start-stop tacacs+

aaa accounting command 15 default start-stop tacacs+

System accounting can use only the default method list.

In the following sample configuration, AAA accounting is set to track all usage of EXEC commands and commands on

privilege level 15.

Example of Configuring AAA Accounting to Track EXEC and EXEC Privilege Level Command Use

FTOS(conf)#aaa accounting exec default start-stop tacacs+

FTOS(conf)#aaa accounting command 15 default start-stop tacacs+

Configuring AAA Accounting for Terminal Lines

To enable AAA accounting with a named method list for a specific terminal line (where

com15

and

execAcct

are the

method list names), use the following commands.

• Configure AAA accounting for terminal lines.

CONFIG-LINE-VTY mode

accounting commands 15 com15

accounting exec execAcct

Example of Enabling AAA Accounting with a Named Method List

FTOS(config-line-vty)# accounting commands 15 com15

FTOS(config-line-vty)# accounting exec execAcct

690