Problem checkrad cisco ap1200

classic Classic list List threaded Threaded
5 messages Options
| Threaded
Open this post in threaded view
|

Problem checkrad cisco ap1200

ph b.
Hello,

The script "checkrad" not run with my ap1200, when i test it i have :

SNMP Error:
Received SNMP response with error code
  error status: noSuchName
  index 1 (OID: 1.3.6.1.4.1.9.2.9.2.1.18.XXX)
SNMPv1_Session (remote host: "192.XXX.XXX.XXX" [192.XXX.XXX.XXX].161)
                                community: "public"
                                 request ID: -662891836
                              PDU bufsize: 8000 bytes
                                      timeout: 2s
                                      retries : 5
                                     backoff: 1)
  at /usr/sbin/checkrad line 221
checkrad: No SNMP answer from cisco
checkrad: not found!

I think it is a problem with the ap but i don't see what it is.
The conf for the snmp on the ap is :

access-list 111 permit tcp any any neq telnet
snmp-server view dot11view ieee802dot11 included
snmp-server community public view dot11view RO

If i erase the view, i have the same problem.

Furthermore, when i use the tool snmpge for the oid
1.3.6.1.4.1.9.2.9.2.1.18.XXX, it return me the same result : noSuchName.

The ap use the IOS 12.3(2)

And when i connect on the ap and do "show aaa user all", i can see the users
name et other data. So the logins are stored on the ap but can i get them by
SNMP or not ? how can i fnd the good OID ?

Could you help me ?

thanks

ph


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

user-name on EAP-TTLS authentication

David ROUMANET
Hello,

is there a way to log on MySQL database the real user-name when using
EAP-TTLS authentication (instead of anonymous user-name)
The file radius.log contains it but I don't know if there is a
radius-attribute for this.

Thanks to all,
David


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

david.roumanet.vcf (366 bytes) Download Attachment
| Threaded
Open this post in threaded view
|

Re: Problem checkrad cisco ap1200

Alan DeKok
In reply to this post by ph b.
"ph b." <[hidden email]> wrote:
> Furthermore, when i use the tool snmpge for the oid
> 1.3.6.1.4.1.9.2.9.2.1.18.XXX, it return me the same result : noSuchName.

  The MIBs used by that AP are unknown to checkrad.

  You were told this yesterday on the cistron list.  Did you think the
answer would somehow be different for FreeRADIUS?

> And when i connect on the ap and do "show aaa user all", i can see the users
> name et other data. So the logins are stored on the ap but can i get them by
> SNMP or not ? how can i fnd the good OID ?

  Do what you were told on the Cistron list.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: user-name on EAP-TTLS authentication

Alan DeKok
In reply to this post by David ROUMANET
David ROUMANET <[hidden email]> wrote:
> is there a way to log on MySQL database the real user-name when using
> EAP-TTLS authentication (instead of anonymous user-name)

  It logs both.

  The inner session is treated just like a normal RADIUS request, and
is logged like normal.

  Hmm... there *could* be some way to tie the two sessions together
through an attribute.  That wouldn't be hard to do.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Problem checkrad cisco ap1200

ph b.
In reply to this post by Alan DeKok
Sorry, i think it is two different list and i try to have the more
information that i can get. That's why I put this message on the two list.
However i don't yet solve my problem.

I browse the mib of my ap but the username seem to be not accessible.

But i also use a cisco WLSE ton manage all my AP and the WLSE get all the
user on the wireless lan by snmp so it is possible.

When i could i'll try to ask cisco to they give me the good OID.

ph


>From: "Alan DeKok" <[hidden email]>
>Reply-To: FreeRadius users mailing list
><[hidden email]>
>To: FreeRadius users mailing list <[hidden email]>
>Subject: Re: Problem checkrad cisco ap1200 Date: Thu, 16 Jun 2005 13:20:32
>-0400
>
>"ph b." <[hidden email]> wrote:
> > Furthermore, when i use the tool snmpge for the oid
> > 1.3.6.1.4.1.9.2.9.2.1.18.XXX, it return me the same result : noSuchName.
>
>   The MIBs used by that AP are unknown to checkrad.
>
>   You were told this yesterday on the cistron list.  Did you think the
>answer would somehow be different for FreeRADIUS?
>
> > And when i connect on the ap and do "show aaa user all", i can see the
>users
> > name et other data. So the logins are stored on the ap but can i get
>them by
> > SNMP or not ? how can i fnd the good OID ?
>
>   Do what you were told on the Cistron list.
>
>   Alan DeKok.
>-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html