Hi All,
We run a hosted Aruba solution for several colleges and we use a Palo Alto firewall with UserID authentication. We send a syslog message to a syslog server that then sorts out which college the user is from and then it forwards the message to the correct UserID agent.
This has worked fine but we are starting to have some issues with it where the controllers do not send a syslog message when the users logs on.
Does anyone know if there is a limit to how many syslog messages the controllers can send at any given time? Or how to debug why a certain syslog message is not sent from the controller even if it should?
Our setup is 7210 as Master/Master standby controllers and 7220 as local controllers. The Master controllers has no access point terminating on them.
Logging levels
--------------
Facility Level
-------- -----
arm warnings
network warnings
security warnings
system warnings
user notifications
wireless warnings
Logging configuration
logging level notifications user process authmgr
logging level notifications user
logging level notifications user subcat all
logging level notifications user subcat captive-portal
logging level notifications user subcat client-match
logging level notifications user subcat dot1x
logging level notifications user subcat mapc
logging level notifications user subcat pan
logging level notifications user subcat radius
logging level notifications user subcat voice
logging level notifications user subcat vpn
logging 10.150.111.251 type user severity informational
logging 10.150.113.51 type user severity informational