ACS accounting records should give you all the information including user ID, MAC address and IP address. The ACS "Passed authentication" records do not have IP address info for 802.1x auth, but you can find IP address info in the accounting records.
Dennis Xu Network Analyst(CCS) University of Guelph 5198244120 x 56217 From: Lee H Badman [mailto:[EMAIL PROTECTED] Sent: January-18-08 2:48 PM To: [email protected] Subject: [WIRELESS-LAN] Wireless User Logging? In the context of a different network project, we are struggling to fulfill certain logging goals, and I'd like to know if there are options I am overlooking. Cisco WLAN Hardware set- 24 WiSMS at 4.2.61.0 code, and WCS at 4.2.62.0, and on our 802.1x WLAN, we use Cisco ACS 3.3.3 for RADIUS to query Active Directory for user validity. Basically, we'd to track user ID, user Mac address, and user IP address for each successful wireless connection for some period, likely measured in weeks. So far, I do not see any logging abilities within the LWAPP framework that would afford sending this specific data off to a syslog server (or SNMP receiver)- it seems only "system events" get logged, but not detailed info on client connections. Maybe something at the CLI I have yet to find? ACS is limited- it does not syslog this either, and even if it did, it would not include IP address as it is only used in the 802.1x auth process which preceeds DHCP functions... Wondering if anyone else has gone down this road- on the surface it seems like a fairly simple goal, but thus far the light bulb over my head won't light. Thanks- Lee Lee H. Badman Wireless/Network Engineer Information Technology and Services Syracuse University 315 443-3003 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
