tacacs+ snmp accouning

Discussion in 'Cisco' started by Oliver Schlosser, Jul 6, 2003.

  1. Hello all,

    i have installed a tacacs server to do all console and tty accounting and

    Does anybody know how to configure tacacs authorization for snmp. I need
    this to monitor the changes witch are done by
    snmp for example from cisco view !.

    I need that for IOS and Catos.


    Oliver Schlosser, Jul 6, 2003
    1. Advertisements

  2. Oliver Schlosser

    wineguyatl Guest

    I don't think you can get tacacs Auth for snmp writes. I did a quick
    search of the docs and nothing jumped out.

    I would suggest setting up a syslog server and have your
    routers/switches write back to it.

    For windows www.kiwisyslog.com has a great syslog server, linux has a
    syslog server built-in.

    gets via the RW snmp server community statment are recoreded in the
    logging buffer in IOS as shown below:

    "%SYS-4-SNMP_WRITENET: SNMP WriteNet request. Writing current

    CatIos gives something like:
    "SYS-6:Global block changed by SNMP/"

    You might need to make some changes in both the IOS and CatIOS to make
    sure certain "logging" and "facility" levels are adjusted to log the
    changes. The CatIos is a little more tricky.

    Another safe guard would be to limit snmp access to the device via an
    access list. This way only a specific ip address can access via snmp.
    wineguyatl, Jul 7, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.