cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1357
Views
15
Helpful
5
Replies

logs for WLC;

Audit
Level 1
Level 1

Hey,

My objective is to verify users on the Cisco WLC that have been give access or removed access. is there a possibility to review such actions taken through logs. can this be verified from the syslog?? 

5 Replies 5

Do you mean administrative users accessing WLC via GUI or wireless users connecting to SSID?

What WLC platform have you got?

HTH
Rasika

both would be great. Again, my objective is to review such activity of user being removed or given access to the controller. Its can be admin users or wireless users. its more of a generic approach

If not can u explain the process in order to identify when a user device was added/ deleted from a Cisco wireless controller. this can be reviewed through logs or any other approach

Platform- any relevant one

Rich R
VIP
VIP

Admin users can be controlled by TACACS for example using Cisco ISE which maintains the logs.

Wireless user logging will be entirely dependent on the design of your network.  If your users are authenticated by radius server then radius authentication and accounting logs on your radius server (can also be ISE) can log all the user detail.

Can we check similarly (through logs) for the devices connected(Mac address) to the WLC. Is there a way to identify the devices added or removed from the controller?

Rich R
VIP
VIP

Radius logs can contain device MAC.

But remember that device MAC can change (private MAC addresses are becoming standard across all devices).

Review Cisco Networking for a $25 gift card