Wireless Access

Hi,

 

1) How can i get existing user session loging details on the controller.?

2) How many last user session log details i can find on controller?

 

Regards,

Nik..

 

The controller will show all active sessions.



Historical information would require AirWave or you can look at RADIUS logs.

Hi,

We have ClearPass as a radius.

Actually, 3 SSID(EMPL, CORP & GUEST) configured on controller. For guest SSID we have enabled interface NAT(controller IP) & we allowed only http & https traffic for controller IP through Checkpoint firewall.

WIP is not enabled on controller.

 

Yesterday we got vurnability alert from checkpoint firewall that, source IP (Controller IP) destination (Public IP). But i could not find out actual source IP on the controller.

How can i find out that? if this issue occur again? 

 

Regards,

Nik...

You'd either need to look in the RADIUS accounting logs or in AirWave for the private IP but it likely won't help you with the PAT to private IP mapping. If NAT logging is critical, you should consider doing NAT upstream.


Thanks,
Tim

Hi,

 

You can get only current user sessions in the controller , for the history for a period of time, you need to use Airwave, if you are using IAP terminating on the Central you can get from Central.

To get the active user sessions, you can use the following command, "show user-table"

 

Please feel free for any further help on this.