beautypg.com

Configuring wlan service monitoring settings, Accounting deployment considerations – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 297

background image

Brocade Mobility RFS Controller System Reference Guide

285

53-1003099-01

6

4. Set the following System Log Accounting information:

5. Select the Enable RADIUS Accounting check box to use an external RADIUS resource for AAA

accounting. When the check box is selected, a AAA Policy field displays. Either use the default
AAA policy with the WLAN, or select Create to define a new AAA configuration that can be
applied to the WLAN. This setting is disabled by default.

6. Select OK when completed to update this WLAN’s accounting settings. Select Reset to revert

the screen to its last saved configuration.

Accounting Deployment Considerations

Before defining a WLAN AAA configuration, refer to the following deployment guidelines to ensure
the configuration is optimally effective:

When using RADIUS authentication, Brocade recommends the WAN port round trip delay not
exceed 150ms. Excessive delay over a WAN can cause authentication and roaming issues.
When excessive delays exists, a distributed RADIUS service should be used.

Brocade recommends authorization policies be implemented when users need to be restricted
to specific WLANs, or time and date restrictions need to be applied.

Authorization policies can also apply bandwidth restrictions and assign Firewall policies to
users and devices.

Configuring WLAN Service Monitoring Settings

Wireless LAN Policy

Service Monitoring is a mechanism for administrating external AAA server, captive portal server,
Access Point adoption, and DHCP server activity for WLANs. Service monitoring enables an
administrator to better notify users of a service’s availability and make resource substitutions.
Service monitoring can be enabled and applied to log activity as needed for specific WLANs.

External services can be rendered unavailable due to any of the following instances:

When the RADIUS authentication server becomes unavailable. The RADIUS server could be
local or external to the controller, service platform or Access Point.

When an externally hosted captive portal is unavailable (for any reason)

If an Access Point’s connected controller or service platform becomes unavailable

Enable Syslog Accounting

Use this option to generate accounting records in standard syslog format (RFC 3164). The feature
is disabled by default.

Syslog Host

Specify the IP address or hostname of the external syslog host where accounting records are
routed.

Syslog Port

Use the spinner control to set the destination UDP port number of the external syslog host where
the accounting records are routed.

Proxy Mode

If a proxy is needed to connect to the syslog server choose a proxy mode of Through RF Domain
Manager or Through Wireless Controller. If no proxy is needed, select None.

Format

Specify the delimiter format for the MAC address to be packed in the syslog request. Available
formats are No Delimiter (aabbccddeeff), Colon Delimiter (aa:bb:cc:dd:ee:ff), Dash Delimiter
(aa-bb-cc-dd-ee-ff), Dot Delimiter (aabb.ccdd.eeff) and Middle Dash Delimiter (aabbcc-ddeeff).

Case

Specify to send the MAC addresses in either Uppercase or Lowercase for syslog requests.

See also other documents in the category Brocade Computer Accessories: