Accounting is the process of keeping track of the activity of each
user who is accessing the network resources; including the amount of time spent
in the network, the services accessed while there, and the amount of data
transferred during the session. Accounting data is used for trend analysis,
capacity planning, billing, auditing and cost allocation.
AAA supports six different accounting types:
-
Network accounting – Provides information for all PPP, SLIP, or ARAP
sessions, including packet and byte counts
-
Connection accounting – Provides information about all outbound
connections made from the network, such as Telnet and remote login
(rlogin)
-
EXEC accounting – Provides information about user EXEC terminal
sessions (user shells) on the network access server, including username, date,
start and stop times, the access server IP address, and (for dial-in users) the
telephone number the call originated from
-
System accounting – Provides information about all system-level
events (for example, when the system reboots or when accounting is turned on or
off)
-
Command accounting – Provides information about the EXEC shell
commands for a specified privilege level that are being executed on a network
access server
-
Resource accounting – Provides start and stop record support for
calls that have passed user authentication
To configure AAA accounting using named method lists, use the commands
in listed in Figures
–
,
beginning in global configuration mode.
Comprehensive AAA
Configuration Example
Figure
shows how to
configure a Cisco access device for AAA services to be provided by the RADIUS
server for an access server with dialup links. If the RADIUS server fails to
respond, then the local database will be queried for authentication and
authorization information, and accounting services will be handled by a TACACS+
server.