Security

Reply
Frequent Contributor I

User log/accounting

Hi,

 

We want to keep track of users login times, user IDs and the device they login from (may be mac address). We are using dot1x auth on SSID. Dot1x authenticate against our nps server. 

 

Any ideas to achieve this? Can I get the details from controller and logs it somewhere?

Guru Elite

Re: User log/accounting

You would want to turn up RADIUS accounting. You will need some type of SQL server for NPS to store the data.

 

On the controller side, you would simply enable a RADIUS accounting server group.

 

Here's a doc from Microsoft on setting it up with NPS:

 

http://technet.microsoft.com/en-us/library/cc754123.aspx


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I

Re: User log/accounting

Thanks for your prompt response. I will try that and will get back to you.

Frequent Contributor I

Re: User log/accounting

Where i can define accounting server on controller?

Guru Elite

Re: User log/accounting

Inside your AAA profile. You'll probably use the same server group as 802.1X.

 

radius-accounting-sg.png


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I

Re: User log/accounting

Completely forgot, sorry. 

Working on it at the moment.

 

Thanks

Frequent Contributor I

Re: User log/accounting

Thanks for helping me with this. I have configured it. I am getting user name and time stamp but what I also need is user IP address which I am not getting. We want to log what IP user has at the time of login to track the details. Is it possible?

 

I only get the IP address of our controller as client.

Frequent Contributor I

Re: User log/accounting

I am sorry spoken too soon. Yes I am getting everything what I need.

Thanks a bunch

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: