Wireless Access

Reply
New Contributor
Posts: 3
Registered: ‎12-01-2008

log level question for PEF

Quick question, what is the loglevel to get NAT and PAT translates from an aruba controller? I'm stuck but I still don't feel like wasting an afternoon on with TAC. Does someone know offhand?

 

Thanks!

 

MVP
Posts: 562
Registered: ‎11-28-2011

Re: log level question for PEF

What is it exactly that you want to log? Every NAT'ed session? Surely not? That might result in loads of information you don't want. Probably better to add a rule into the role the users are in (that you're looking at) with the log variable at the end. Would be much more surgical. What are you trying to find out?

Kudos appreciated, but I'm not hunting! (ACMX 104)
Guru Elite
Posts: 21,037
Registered: ‎03-29-2007

Re: log level question for PEF


appahman wrote:

Quick question, what is the loglevel to get NAT and PAT translates from an aruba controller? I'm stuck but I still don't feel like wasting an afternoon on with TAC. Does someone know offhand?

 

Thanks!

 


it should be in the security log, by default.

 

"show log security <x>" or just sent to external syslog.

 

Please see the post here for details:  http://community.arubanetworks.com/t5/ArubaOS-and-Controllers/How-to-perform-legal-interception/m-p/3823/highlight/true#M1165 for more details.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 3
Registered: ‎12-01-2008

Re: log level question for PEF

yes, as we have a PAT rule that makes it difficult to track down what did what,

 

the scenario here is that we have a virus detected from without the organization coming from our public, incedental use wireless (users are identified but anyone can get a day use username and pw) it provides a port, IP, and time. 

 

so yes, we are interested in the translates: but as you suggest just collecting guest user NAT translates would be better (as this is the only PAT'ed range).

 

how could I collect such a thing? Suggestions? 

 

 

 

New Contributor
Posts: 3
Registered: ‎12-01-2008

Re: log level question for PEF

what command do I use for output of the logfiles as described in the link?

 

 

Please see the post here for details:  http://community.arubanetworks.com/t5/ArubaOS-and-Controllers/How-to-perform-legal-interception/m-p/... for more details.

 

it talks about the format of the information and possible storage, but no command to tell it where to go?

I think this will suffice for me, but I need to know more.

help?

Guru Elite
Posts: 21,037
Registered: ‎03-29-2007

Re: log level question for PEF

[ Edited ]

appahman wrote:

what command do I use for output of the logfiles as described in the link?

 

 

Please see the post here for details:  http://community.arubanetworks.com/t5/ArubaOS-and-Controllers/How-to-perform-legal-interception/m-p/... for more details.

 

it talks about the format of the information and possible storage, but no command to tell it where to go?

I think this will suffice for me, but I need to know more.

help?


That would be in the security log, so to send it to a syslog server you do this:

 

config t

logging <ip address of syslog server> security

 

 


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: