cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

293
Views
0
Helpful
1
Replies
Highlighted

Freeradius' checkrad and Cisco WLC

Hello:

I am trying to use Simultaneous-Use with freeradius and a Cisco WLC. However, it is not working correctly, since the checkrad script is not pointing to the right OID, so it cannot get information from the WLC of what clients are connected.

Using snmpwalk I can reach the Cisco WLC, with no problem, from the machine hosting freeradius. And I know that I’m supposed to edit the checkrad script to point to the correct OID, however...

I am sure the OIDs defined by default in the script, do not exist in the Cisco WLC. So I have been searching in Cisco’s SNMP Object Navigator, but the amount of OIDs is just enormous and I’m not even sure exactly what value I’m supposed to look for.

Anyone that could help me on how to proceed?


This is on a freeradius 3.0.11, on OpenBSD 5.9.
The controller is a Cisco WLC 2504 with firmware 8.0.133.0.

1 REPLY 1
Beginner

Hi,

Hi,

Replace the  cisco_snmp function with or write a new function(have to do a few more additions in that case)

my $port = $ARGV[2];
        my $acctsessid = $ARGV[4];
        my @values = split('/', $acctsessid);
        my $mac = $values[1] ;
        my @valuesmac = split(':', $mac);

        foreach my $val (@valuesmac) {
                 push(@arra , hex($val)) ;
                print $val ;
                 }

        $hexmac = join(".",@arra);

                $login = snmpget($ARGV[1], "YOUR_COMMUNITY_STRING",
                                "SNMPv2-SMI::enterprises.14179.2.1.4.1.3.$hexmac");
                print LOG "  user with session id $ARGV[4] ($sess_id): \n" ;
                        "$login\n" if ($debug);
        if($login eq $ARGV[3]) {
                return 1;
        }else{
                        return 0;     
        }

also set this variable in global section:

$snmpget = "snmpget";

Please rate if this helps

BR,

8zero2