<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 12/09/2013 07:23, Ali Abdullahi
wrote:<br>
</div>
<blockquote
cite="mid:8C6D663B52B8FA4987A89D9DE550FB6F0563B3C12365@1GOVNET-CAH-01.1govnet.local"
type="cite">
<pre wrap="">Hello everyone,
In our organization here, we have quiet a number of Cisco APs that give wireless service to users with hand-held devices and laptops and we have about 3 buildings which of course all have the cisco APs installed. So those APs are all hooked up to a cisco wireless controller in which we manage the APs from a GUI. My question is, is it possible to monitor people that are connected to the wireless using the cisco wireless controller...maybe if there is any config to do to monitor anyone connected to the APs for effective monitoring? if yes how should it be then and if no then are there any ideas or suggestions on what to do to monitor them?.</pre>
</blockquote>
<br>
By Monitoring, do you mean ... <br>
1. knowing when the login/logout? or <br>
2. What website they are accessing at any point in time?<br>
3. Some form of 802.1x Authentication?<br>
<br>
If you want to do 1. ....<br>
- Install a syslog server.
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a
href="http://www.slsmk.com/setup-syslog-with-loganalyzer-on-ubuntu-server/">http://www.slsmk.com/setup-syslog-with-loganalyzer-on-ubuntu-server/</a><br>
- Enable Syslog on the AP.
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a
href="http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15sml.html#wp1035350">http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15sml.html#wp1035350</a><br>
<br>
If you want to do 2. ...<br>
- Get the law behind you (otoh .. You may be the Law :( )<br>
- Install and enable CALEA.
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a
href="http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/lawful_intercept/76LIch1.html">http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/lawful_intercept/76LIch1.html</a><br>
<br>
But ... life should not be that complex and wicked ;) <br>
<br>
If you want to do 3. ....<br>
Perhaps what you need is some form of Authentication and
Authorization on your network, so that only those you permit, should
connect, and at the time you want, perhaps with some bandwidth limit
to conserve the bandwidth you currently have.<br>
<br>
Christis Wilson did an excellent presentation on Bandwidth
management at AfNOG 2010, available here.
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a
href="http://www.ws.afnog.org/afnog2010/bw-mgmt/afnog-bmo-presentation-2010.pdf">http://www.ws.afnog.org/afnog2010/bw-mgmt/afnog-bmo-presentation-2010.pdf</a><br>
<br>
Good Luck!!<br>
<br>
Sunday.<br>
<br>
<br>
<pre class="moz-signature" cols="72">--
--------------------------------------------------------
Sunday Adekunle Folayan
blog: <a class="moz-txt-link-freetext" href="http://www.sundayfolayan.name.ng">http://www.sundayfolayan.name.ng</a>
email: <a class="moz-txt-link-abbreviated" href="mailto:sfolayan@skannet.com.ng">sfolayan@skannet.com.ng</a>, <a class="moz-txt-link-abbreviated" href="mailto:sfolayan@gmail.com">sfolayan@gmail.com</a>
phone: +234-802-291-2202
skype: sfolayan
fcbk: <a class="moz-txt-link-abbreviated" href="http://www.facebook.com/sfolayan">www.facebook.com/sfolayan</a>
tweet: sfolayan
linkedin: sfolayan
---------------------------------------------------------</pre>
</body>
</html>