6850 - 802.1x SNMP

fattyc

6850 - 802.1x SNMP

Post by fattyc »

People,

Does anyone know if the 6850 generates SNMP traps for failed 802.1x supplicant or non-supplicant authorisation?
Great interpretation of 802.1x and how to implement but no central resource to manage or to alert on failures.
Any help would be greatly appreciated as it is driving me nuts.

Thanks


Greg
cedric1

Re: 6850 - 802.1x SNMP

Post by cedric1 »

Hello

No SNMP, but syslog messages.
Check to redirect swlog to the syslog server.

You get messages, but I'm not sure if you get failure info.

You need to activate 802.1X accounting to local (so it will go into swlog and then to syslog).

As I read in last RN, auth failed for non supplicant is working

Cedric
Last edited by cedric1 on 29 Mar 2011 10:37, edited 2 times in total.
benny

Re: 6850 - 802.1x SNMP

Post by benny »

In my opinion this should be done on the RADIUS server.
fattyc

Re: 6850 - 802.1x SNMP

Post by fattyc »

Hi gents,

Benny, win2k8 RADIUS uses the event log viewer. Does not give you failures.
The accounting only gives you a code 3 which means failure.
So... you don't get anything. What I'm after is when something fails auth, supplicant or non-supplicant. It then goes into Remediation zone.
What I want to know is when something fails and goes into REMZONE.

Cedric,

You definitely don't get failures in SYSLOG. I set this up by forwarding SYSLOG APPID for AAA, you only get successes.
BTW Cedric, what does "As I read in last RN, auth failed for non supplicant is working" mean?

Ta

Reg


Cedric,

What does ,
cedric1

Re: 6850 - 802.1x SNMP

Post by cedric1 »

Hi

In the last release notes for 6.4.3 code, you see New Software Feature at the end of the document.

There it is written that non-supplicant accounting is now possible. And we can have auth failure info.

From the RN:

2. 802.1x Non-Supplicant Accounting Behavior


This feature allows the Omni Switch to enable accounting for Onex non-supplicant users. Accounting
is the action of recording what the user is attempting to do or what the user has done. The actions are
login / logout / auth failure/ and updation of client ip-address. This feature will impact only the AAA,
cedric1

Re: 6850 - 802.1x SNMP

Post by cedric1 »

Here is the output of my test, as I have it in code 6.4.3.737 (test code):

271=> show log swlog
Displaying file contents for '/flash/swlog2.log'
FILEID: fileName[/flash/swlog2.log], endPtr[60], configSize[500000], mode[2]
Displaying file contents for '/flash/swlog1.log'
FILEID: fileName[/flash/swlog1.log], endPtr[539], configSize[500000], mode[1]
Time Stamp Application Level Log Message
------------------------+--------------+-------+--------------------------------
TUE APR 18 21:52:07 2079 SYSTEM info Switch Logging cleared by command. File Size=1000000 bytes
TUE APR 18 21:52:12 2079 AAA info AAA logout,001AE8074C27,MAC,cause=0038,06/18,00:1a:e8:07:4c:27, 17x.xx.19.119
TUE APR 18 21:52:46 2079 AAA info AAA failure,001AE8074C27,MAC,cause=0038,06/18,00:1a:e8:07:4c:27,
TUE APR 18 21:52:56 2079 AAA info AAA update,001AE8074C27,MAC,cause=0038,06/18,00:1a:e8:07:4c:27, 17x.xx.19.119
TUE APR 18 21:53:06 2079 AAA info AAA update,001AE8074C27,MAC,cause=0038,06/18,00:1a:e8:07:4c:27, 17x.xx.19.119

271=> show microcode
Package Release Size Description
-----------------+---------------+--------+-----------------------------------
Jbase.img 6.4.3.737.R01 22157746 Alcatel-Lucent Base Software
Jadvrout.img 6.4.3.737.R01 2875938 Alcatel-Lucent Advanced Routing
Jos.img 6.4.3.737.R01 2159671 Alcatel-Lucent OS
Jeni.img 6.4.3.737.R01 6542468 Alcatel-Lucent NI software
Jsecu.img 6.4.3.737.R01 587675 Alcatel-Lucent Security Management
Jencrypt.img 6.4.3.737.R01 3437 Alcatel-Lucent Encryption Management
Jdiag.img 6.4.3.737.R01 3306446 Alcatel-Lucent Diagnostic Software
Jrelease.img 6.4.3.737.R01 3144 Alcatel-Lucent Release Info Archive


271=>
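As an added example (not part of the original posts and not vendor code), the following Python sketch picks the `AAA failure` records out of swlog lines in the format shown in the output above, so a syslog collector could alert on them. The field names (`user`, `method`, `port`, `mac`, `ip`) are assumptions inferred from the sample lines, not taken from vendor documentation.

```python
import re
from collections import Counter

# Lines copied from the "show log swlog" output in the post above.
SAMPLE = """\
TUE APR 18 21:52:07 2079 SYSTEM info Switch Logging cleared by command. File Size=1000000 bytes
TUE APR 18 21:52:12 2079 AAA info AAA logout,001AE8074C27,MAC,cause=0038,06/18,00:1a:e8:07:4c:27, 17x.xx.19.119
TUE APR 18 21:52:46 2079 AAA info AAA failure,001AE8074C27,MAC,cause=0038,06/18,00:1a:e8:07:4c:27,
TUE APR 18 21:52:56 2079 AAA info AAA update,001AE8074C27,MAC,cause=0038,06/18,00:1a:e8:07:4c:27, 17x.xx.19.119
"""

# Assumed field layout (inferred from the sample, not documented on the page):
# event, user/identifier, method, cause code, slot/port, MAC address, optional IP.
# The timestamp is optional so a syslog relay prefix in front of it is tolerated.
AAA_RE = re.compile(
    r"(?:(?P<ts>\w{3} \w{3} +\d+ [\d:]{8} \d{4})\s+)?"
    r"AAA\s+\w+\s+AAA\s+(?P<event>\w+),"
    r"(?P<user>[^,]*),(?P<method>[^,]*),cause=(?P<cause>[^,]*),"
    r"(?P<port>[^,]*),(?P<mac>[0-9A-Fa-f:]{17}),\s*(?P<ip>\S*)\s*$"
)

def parse_aaa(line):
    """Return a dict of fields for an AAA accounting line, or None for other lines."""
    m = AAA_RE.search(line.strip())
    return m.groupdict() if m else None

def failures(lines):
    """Keep only the records whose event keyword is 'failure'."""
    return [r for r in map(parse_aaa, lines) if r and r["event"] == "failure"]

def failures_by_station(lines):
    """Count failures per (port, MAC) so repeated failures on one port stand out."""
    return Counter((r["port"], r["mac"].lower()) for r in failures(lines))

if __name__ == "__main__":
    for r in failures(SAMPLE.splitlines()):
        print(f"{r['ts']} auth failure mac={r['mac']} port={r['port']} "
              f"method={r['method']} cause={r['cause']}")
```

In the sample, the failure record has an empty last field where the logout and update records carry an IP address, so the parser treats that field as optional.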
fattyc

Re: 6850 - 802.1x SNMP

Post by fattyc »

Cedric,

Apologies for delay in reply, been on other work.

Brilliant response, just what I needed! Will begin investigating!!


Many Thanks


Gre
fattyc

Re: 6850 - 802.1x SNMP

Post by fattyc »

Hi Cedric,

Have you any ideas when 6.4.3.737.R01 will become available?
Can't wait to start working with the new 802.1x logs...
Thanks


Greg
cedric1

Re: 6850 - 802.1x SNMP

Post by cedric1 »

Hi

Last code is now available with this feature.

Cedric
fattyc

Re: 6850 - 802.1x SNMP

Post by fattyc »

Thanks for the update Cedric.