I am trying to integrate Ruckus ZoneDirector & PAN for user identification by using syslog. However, syslog message generated by Ruckus ZoneDirector doesn't have user's IP address. It only contains user name and MAC address of the device as shown below.
<134>Sep 20 12:16:34 syslog: eventd_to_syslog():User[GUEST@8c:70:5a:4e:a2:8c] joins WLAN[GUEST-WLAN] from AP[AP4@00:25:c4:13:a6:40] 25:c4:13:a6:4c roams from AP[AP4@00:25:c4:13:a6:40]
Therefore, I cannot extract user name and IP address form the syslog message for passing them to PAN User-ID Agent. Is there any solution?
I can think of a couple of options off the top of my head, but either will require a bit of extra work on the scripting side.
1) you could dump/query the ARP table on the AP when you get an auth/join message. I'm not familiar with the tools and APIs available on Ruckus so this may be easy or near impossible.
2) you could monitor your DHCP server as well and correlate the IP/MAC mappings it hands out.
Also, what's the backend auth mechanism that your ruckus system is using? Any chance that system (ie a radius server) would log IPs?
Thanks for your reply!
Ruckus can integrate with AD, LDAP, RADIUS or use its internal user database for authentication. For integration with AD, there is no problem to identify wireless LAN users because PAN can also integrate with AD. For authentication with RADIUS, there is also no problem as long as RADIUS can send syslog message with user name and IP address. However, integration of PAN with Ruckus is necessary when customers use Ruckus internal user database for authentication.
I think both of your suggested solutions may work and I will try to follow your suggestion to solve this problem.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!