09-28-2010 01:11 PM
From a configuration standpoint, this would be great - save me from creating 200 new entries in IAS, but does nothing for me as far as being able to track my authentication requests and usage.
From the LMS:
(Aruba620) # show ip radius nas-ip
RADIUS client NAS IP address = 192.168.2.32
Problem is, I don't remember ever putting that in the config. Is it safe to just remove it with a simple "no ip radius nas-ip" command?
^^^ No, it isn't. I used that command and the IP of the master is still there.
How can I get the authentications to use the IP of the LMS?
PS: I also tried turning off the master controller and authenticating from the LMS - requests still showed up in IAS as coming from the master's IP.
09-28-2010 03:06 PM
The nas-ip address is just a variable that is passed to the radius server, and nothing more.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
10-01-2010 07:13 AM
This looks to be "fixed."
Looks like maybe somebody changed the reporting (or maybe it was never set up properly to begin with?).
We use IAS Log Viewer to analyze the logs, and it's always just reported the "Server IP" as the IP of our current wireless access points (Cisco).
For the Aruba local controllers it was reporting back the IP of the master. After looking more carefully at the individual connects, there is also a "Client IP" column that wasn't in the main log view. The client IP is showing the correct IP of the local controllers - just needed to add that column to the main reporting screen.
DOH! Learn something new every day!