"Sim, CT (Chee Tong)" wrote:
> I am doing a project on the access server and tried to log the status of the
> access server to a unix host using syslogd, I have done that, but I have a
> few question to ask
>
> 1)what is the meaning of the syntax "logging facility local0, local1,
> local2.. what I understand from the book is refer to where to log, but what
> are the difference between local0, local1, amd local2 and etc??? what is
> mean by where to log?? where does it refer to???
This will allow you to log to different files. For example, if you
have:
logging facility local4
on your router... Then a corresponding entry in your syslog.conf would
be:
local4.info /log/rtrlog
This tells syslogd on your unix host to save entries for local4 in the
file /log/rtrlog. One thing that I like to do is have one unix host as
my logging server. That way all devices (routers, switches, etc.) AND
other unix hosts send to the logging server. You only have to check one
server to get all your logs.
> 2)I found the information that log by the access server is not enough, it
> only log the when the Async1 is up and down, that mean when the access
> server was accessed (shown below)? What I want to log who is the one that
> access the access server, as I configured a lot of userID for people to
> access and I need to what ID they use, and achieve the AAA standard. Should
> I configured a TACACS+ server instead? What is the procedure to configure
> TACACS+ server? and How do I view the TACACS+ for info?? Pls help if u can.
-yes, use TACACS+
-to get TACACS+:
http://www.nttacplus.com/
ftp://ftp-eng.cisco.com/pub/tacacs/
CiscoSecure ACS
RSA ACE/Server
-for configuring to use TACACS+:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt2/sctplus.htm
The TACACS+ server can send the logs to your syslog server :-)
mark
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
