Wireless Access

Reply
Occasional Contributor I

LDAP logs

Hello,

I need some help getting the logs from my aruba 7005 controller.  I currently have the Aruba trying to send logs to syslog-ng on CentOS 7.x. 

 

logging level debugging security
logging level warnings security subcat ids
logging level warnings security subcat ids-ap
logging level debugging user
logging level debugging user subcat dot1x
logging facility local7
logging 10.1.6.146 type arm-user-debug severity debugging
logging level debugging user-debug f4:5c:89:94:64:6d
logging level debugging user-debug 94:65:2d:c5:93:63

This is what I have currenlty. 

My question is 1) is this setup correctly? 2) is there a way to get more granular w/ the logging?

Guru Elite

Re: LDAP logs

What are you trying to capture? 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I

Re: LDAP logs

In the past 4 months i've implemented a new LDAP system.  FreeIPA from Redhat (formerly 389 Directory Services).  I had it working and authenticating users to wireless for about 2 months no issues.  I did some updates and it stopped.  I'm sure something changed.  We also upgraded Aruba Controller to 6.4.4.16.  I have tried changing the auth method from clear-text to ldap-s (port 689).

 

And yes FreeIPA is listening on that port.

 

I'm still trying to learn the aruba (realy cool hardware).  But have come from a Cisco side of things.  So any and all help is greatly appreciated.

Guru Elite

Re: LDAP logs

Okay, do this:

 

config t
logging level debugging security process authmgr
logging level debugging security subcat aaa

Type "show log security 50" to see details on what happened after.

 

ldap-s requires certificates and that is an advanced topic.  You should be able to get it to first work with on port 389.

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I

Re: LDAP logs

So I switched it back and BOOM.  Everything started working....

 

So now I want to make sure that I send all those logs to syslog-ng.  How do I do that with my current logging config?

Guru Elite

Re: LDAP logs

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: