10-23-2012 06:50 AM
Short version: Is there any web logging features on the 3600 controller or Clearpass appliance?
Long version: We just deployed an Aruba wireless network at our high school. The back end setup is a couple of 3600 controllers setup as Master-Local. We also have a Clearpass appliance. We're a Novell shop so we run eDirectory. Our web filter watches eDirectory via an LDAP bind to see if the "network address" attribute for a user is populated and logs their activity by directory username and device IP address. We're using the captive portal feature on the Clearpass. When a user authenticates through the portal, the web filter does not populate the user field in the web log. The users are treated as anonymous. It has been explained to me that the radius server is performing an LDAP bind, confirming credentials, and then promptly unbinding. At this point, our web filter does not have radius support.
I was hoping that either the Aruba controllers or the Clearpass appliance keeps track of web traffic. The filter can continue to do its job there, but I need some way to keep track of where students are going and be able to tie web requests back to specific accounts.
Any thoughts on this would be very helpful.