Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

How to get logs for destination traffic?

This thread has been viewed 7 times

  • 1.  How to get logs for destination traffic?

    Posted May 21, 2014 09:37 AM

    Hi,

     

    Context: to comply with the french law, a company that offers internet guest access has to collect specific information such as data that helps tracking destination traffic. 

    Our goal is to offer internet guest access with ClearPass. I know we cannot log destination traffic with that platform.

    Is there any way to get this info from the controller? If so, what is the command? Can we send this log to a syslog server?

     

    Thanks,

     

    Vince



  • 2.  RE: How to get logs for destination traffic?
    Best Answer

    Posted May 21, 2014 09:55 AM

    You can log this through the firewall policies; and yes, this can be sent to syslog.

     

    Example of firewall policy set to log:

     

    ip access-list session france-users-log

      user any any permit log

     



  • 3.  RE: How to get logs for destination traffic?

    Posted May 21, 2014 10:26 AM

    Thanks for the quick answer.

     

    Do you have a sample of the log we can get?



  • 4.  RE: How to get logs for destination traffic?

    Posted May 21, 2014 11:10 AM

    Example log entry (in Security Log):

     

    May 21 10:08:12 :124006:  <WARN> |authmgr|  {0} TCP srcip=192.168.13.148 srcport=54822 dstip=199.127.104.94 dstport=443, action=permit, role=authenticated, policy=allow-all-log