Cisco ACS 5.7 User Guide
Page 531
7 Understanding Logging About Logging
Remote Syslog Server Target
You can use the web interface to configure logging category messages so that they are sent to remote syslog server targets. Log messages are sent to the remote syslog server targets in accordance with the syslog protocol standard (see RFC 3164). The syslog protocol runs over UDP and is not secure. Log messages are sent to the remote syslog server with this syslog message header format, which precedes the local store syslog message format (see...
Page 532
8 Understanding Logging About Logging
The syslog message data or payload is the same as the Local Store Message Format, which is described in Table 37 on page 5. The remote syslog server targets are identified by the facility code names LOCAL0 to LOCAL7 (LOCAL6 is the default logging location). Log messages that you assign to the remote syslog server are sent to the default location for Linux syslog (/var/log/messages); however, you can configure a different location on the server. The remote...
Page 533
9 Understanding Logging ACS 4.x Versus ACS 5.7 Logging
Figure 2 Monitoring and Reports Viewer
The Monitoring and Report Viewer has two drawer options:
- Monitoring and Reports: Use this drawer to view and configure alarms, view log reports, and perform troubleshooting tasks.
- Monitoring Configuration: Use this drawer to view and configure logging operations and system settings.
In addition to the information that is captured in the log messages described in Logging Categories, page 2, the Viewer...
Page 534
10 Understanding Logging ACS 4.x Versus ACS 5.7 Logging
Table 39 ACS 4.x vs. ACS 5.7 Logging Functionality
This logging function… | is handled this way in ACS 4.x… | and this way in ACS 5.7
Log Types | AAA-related logs contain information about the use of remote access services by users. Audit logs contain information about the ACS system and activities and, therefore, record system-related events. These logs are useful for troubleshooting or audits. CSV audit logs are always enabled, and you can...
Page 535
11 Understanding Logging ACS 4.x Versus ACS 5.7 Logging
Configuration | Use the System Configuration > Logging page to define: Loggers and individual logs; Critical loggers; Remote logging; CSV log file; Syslog log; ODBC log | See Configuring Local and Remote Log Storage, page 23 and the CLI Reference Guide for Cisco Secure Access Control System 5.7.
Viewing and Downloading Log Messages | Use the Reports and Activity pages. | See Viewing Log Messages, page 8.
Troubleshooting with Log Messages | Service log...
Page 537
1 Cisco Systems, Inc. www.cisco.com
AAA Protocols
This section contains the following topics:
- Typical Use Cases, page 1
- Access Protocols—TACACS+ and RADIUS, page 4
- Overview of TACACS+, page 5
- Overview of RADIUS, page 5
Typical Use Cases
This section contains the following topics:
- Device Administration (TACACS+), page 1
- Network Access (RADIUS With and Without EAP), page 2
Device Administration (TACACS+)
Figure 3 on page 1 shows the flows associated with device administration. The two primary...
Page 538
2 AAA Protocols Typical Use Cases
4. ACS sends a TACACS+ response to the network device that applies the decision. The response includes parameters, such as the privilege level that determines the level of administrator access for the duration of the session.
Command Authorization Requests
Note: The numbers refer to Figure 3 Device Administration Flow, page 1.
For command authorization:
1. An administrator issues a command at a network device.
2. The network device sends a TACACS+ access request to ACS....
Page 539
3 AAA Protocols Typical Use Cases
For more information on RADIUS-based flows with EAP authentication, see RADIUS-Based Flows with EAP Authentication, page 3.
RADIUS-Based Flow Without EAP Authentication
This section describes RADIUS-based workflow without EAP authentication.
For RADIUS with PAP authentication:
1. A host connects to a network device.
2. The network device sends a RADIUS Access-Request to ACS, containing RADIUS attributes appropriate to the specific protocol that is being used (PAP,...
Page 540
4 AAA Protocols Access Protocols—TACACS+ and RADIUS
For all EAP authentications:
1. A host connects to a network device.
2. The network device sends an EAP Request to the host.
3. The host replies with an EAP Response to the network device.
4. The network device encapsulates the EAP Response that it received from the host into a RADIUS Access-Request (using the EAP-Message RADIUS attribute) and sends the RADIUS Access-Request to ACS.
5. ACS extracts the EAP Response from the RADIUS packet and creates a new...