802.1x monitoring

Unanswered Question
Feb 26th, 2007

I am using IAS to authenticate the machines on my network. What is the best way to monitor any failed authentication attempts at the switches?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Mon, 02/26/2007 - 18:20

You can alway check the "System" logs in the event viewer of your IAS machine.

jms112080 Tue, 02/27/2007 - 05:59

We use the IAS logs, but when using machine certs as we do for authentication, if a "rogue" machine with no cert plugs in and fails, I have no way to know it ever happened. There is no log entry in IAS when a machine doesn't send some kind of authentication attempt.

acomiskey Tue, 02/27/2007 - 06:17

What about snmp traps?

Try IEEE8021-PAE-MIB or CISCO-PAE-MIB.

Actions

This Discussion