Wireless Access

last person joined: 22 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

On a controller, can I view the Radius attributes returned by an auth server during 802.1x auth ?

This thread has been viewed 10 times

  • 1.  On a controller, can I view the Radius attributes returned by an auth server during 802.1x auth ?

    Posted Apr 21, 2016 09:12 AM

    Hi all,

     

    If I configure a WLAN for 802.1x security, and I configure the controller to point to a Radius server via a server group, the controller will do role derivation based on the Radius attributes returned by the Radius server.

     

    I can clearly see the role selected and assigned to an authenticated use in the monitoring screens, but It doesnt show me the Radius attribute that were returned by the Radius server.  

     

    If I was looking on Clearpass the Access Tracker would show me the attributes sent back.  But I want to look at the values actually received by the controller.

     

    Can I do this ?  If so, how ?

     

    Thanks,

     

    Malcolm



  • 2.  RE: On a controller, can I view the Radius attributes returned by an auth server during 802.1x auth ?
    Best Answer

    EMPLOYEE
    Posted Apr 21, 2016 09:21 AM
    You'll hve to enable debugging and then look at the security logs


    logging level debugging security process authmgr
    logging level debugging security subcat aaa

    Show log security 25


  • 3.  RE: On a controller, can I view the Radius attributes returned by an auth server during 802.1x auth ?
    Best Answer

    Posted Apr 21, 2016 09:22 AM
    Yes.

    You need to enable the following debug logging level

    (config) # logging level debugging security process authmgr
    (config) # logging level debugging security subcat aaa

    show log security all

    Sent from Outlook for iPhone