great-tk: IAP/AOS:WISPR RADIUS Authentication&Accounting

Aruba-AP-Group is
Aruba-Location-ID is IAP's MAC address

IAP's WISPr RADIUS Authentication & Accounting thru ClearPass

Username:

user1

End-Host Identifier:

0811968a546c

Access Device IP/Port:

10.215.1.39:0

RADIUS Request

Radius:Aruba:Aruba-AP-Group	instant-C5:86:02
Radius:Aruba:Aruba-Essid-Name	Yokohama-Wi-Fi
Radius:Aruba:Aruba-Location-Id	6c:f3:7f:c5:35:68
Radius:IETF:Called-Station-Id	6cf37fc53568
Radius:IETF:Calling-Station-Id	0811968a546c
Radius:IETF:NAS-IP-Address	10.215.1.39
Radius:IETF:NAS-Port	0
Radius:IETF:NAS-Port-Type	19
Radius:IETF:Service-Type	1
Radius:IETF:User-Name	user1
Radius:WISPr:WISPr-Location-ID	isocc=JP,cc=81,ac=0,network=Yokohama-Wi-Fi
Radius:WISPr:WISPr-Location-Name	Wi2Connect,Yokohama-Wi-Fi
Radius:WISPr:WISPr-Logoff-URL	https://securelogin.arubanetworks.com/cgi-bin/login?cmd=logout

Computed Attributes

Authentication:ErrorCode	0
Authentication:Full-Username	user1
Authentication:Full-Username-Normalized	user1
Authentication:MacAuth	NotApplicable
Authentication:OuterMethod	PAP
Authentication:Posture	Unknown
Authentication:Source	[Local User Repository]
Authentication:Status	User
Authentication:Username	user1
Authorization:Sources	[Local User Repository]
Connection:AP-Mac	6cf37fc53568
Connection:Client-Mac-Address	0811968a546c
Connection:Client-Mac-Address-Colon	08:11:96:8a:54:6c
Connection:Client-Mac-Address-Dot	0811.968a.546c
Connection:Client-Mac-Address-Hyphen	08-11-96-8a-54-6c
Connection:Client-Mac-Address-NoDelim	0811968a546c
Connection:Client-Mac-Vendor	Intel Corporate
Connection:Dest-IP-Address	10.215.107.105
Connection:Dest-Port	1812
Connection:NAD-IP-Address	10.215.1.39
Connection:Protocol	RADIUS
Connection:Src-IP-Address	10.215.1.39
Connection:Src-Port	49160
Connection:SSID	Yokohama-Wi-Fi

Account Session ID:

6CF37FD35694-0811968A546C-552CA6C5

Start Timestamp:

Apr 14, 2015 14:33:57 JST

End Timestamp:

Apr 14, 2015 14:35:22 JST

Status:

Inactive

Termination Cause:

Admin-Reset

Service Type:

Number of Authentication Sessions:

Network Details

NAS IP Address:	10.215.1.39:0
NAS Port Type:	Wireless-802.11
Calling Station ID:	0811968a546c
Called Station ID:	6cf37fc53568
Framed IP Address:	10.215.1.95
Account Auth:	-

Utilization

Active Time:	85 Sec
Account Delay Time:	-
Account Input Octets :	566288
Account Output Octets :	768014
Account Input Packets :	1601
Account Output Packets :	1065

Authentication Sessions Details

SessionId	Type	Time Stamp
R00000052-01-552ca6c5	initial	Apr 14, 2015 14:33:57 JST

6c:f3:7f:c5:35:68# show ap bss-table

Aruba AP BSS Table

------------------

bss ess port ip phy type ch/EIRP/max-EIRP cur-cl ap name in-t(s) tot-t

--- --- ---- -- --- ---- ---------------- ------ ------- ------- -----

6c:f3:7f:d3:56:90 IAP-guest ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:51s

6c:f3:7f:d3:56:92 TK-IAP-205-1 ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:43s

6c:f3:7f:d3:56:93 TK-IAP-205-EAP ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:94 Yokohama-Wi-Fi ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:95 wayport ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:41s

6c:f3:7f:d3:56:96 Wayport_Access ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:41s

6c:f3:7f:d3:56:80 IAP-guest ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:47s

6c:f3:7f:d3:56:82 TK-IAP-205-1 ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:83 TK-IAP-205-EAP ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:84 Yokohama-Wi-Fi ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:85 wayport ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:41s

6c:f3:7f:d3:56:86 Wayport_Access ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:41s

Channel followed by "*" indicates channel selected due to unsupported configured channel.

"Spectrum" followed by "^" indicates Local Spectrum Override in effect.

Num APs:12

Num Associations:0

6c:f3:7f:c5:35:68# show summary

Name :instant-C5:86:02
System Location :
Domain :JP3
VC IP Address :10.215.1.206
VC VLAN :0
VC Mask :0.0.0.0
VC Gateway :0.0.0.0
Content Filtering :disable
Terminal Access :enable
Telnet Server :enable
Organization :Shimbashi
Airwave Server :10.215.1.103
Airwave Backup Server:
Airwave Prov Backup :
Number of VC transition :0
Airwave Shared Key :f9011638d60b55ebf3c9bf0ca7fd20c48c529a62a9a29f2b
Airwave Config Via :UI
Airwave :Connected
Airwave Mode :Monitor
Aruba Central Server :
Aruba Central :Not Set Up
Managed Via :Airwave
Syslog Server :10.215.200.97
Syslog Level :debug
Band :all
Master IP Address *:10.215.1.39
IP Address :10.215.1.39
Netmask :255.255.255.0
Gateway :10.215.1.254
NameServer :10.44.10.10
NameServer :10.44.11.10

DNSDomain :arubanetworks.com

IAP's Condiguration:

wlan ssid-profile Yokohama-Wi-Fi
enable
index 4
type guest
essid Yokohama-Wi-Fi
opmode opensystem
max-authentication-failures 0
auth-server External-RADIUS
rf-band all
captive-portal external profile ClearPass
wispr
dtim-period 1
inactivity-timeout 1000
broadcast-filter arp
radius-accounting
dmo-channel-utilization-threshold 90
local-probe-req-thresh 0
max-clients-threshold 64
wmm-video-share 50
wmm-voice-share 50
!
wlan wispr-profile
wispr-location-name-operator-name Wi2Connect
wispr-location-name-location Yokohama-Wi-Fi
wispr-location-id-network Yokohama-Wi-Fi
wispr-location-id-cc 81
wispr-location-id-ac 0

wispr-location-id-isocc JP

great-tk

2015年4月19日日曜日

IAP/AOS:WISPR RADIUS Authentication&Accounting

0 件のコメント:

コメントを投稿