05-13-2020 07:50 AM
I’ve configured our VPN server (a Fortigate) to use ExtremeControl as a RADIUS server, which is working fine. But I was wondering how to view the sessions in XMC, since they don’t seem to show up in end-system events. Is it possible to view VPN connection history?
Bonus question: has anyone configured XMC to send back the Fortigate group VSAs?
05-18-2020 07:59 PM
I have not tried it. In general, it all depends if the radius request is in the expected format or not with necessary arguments.
05-18-2020 07:53 PM
That’s good to know!
Do you know if this also the solution for a firewall acting as portal and forwarding the authentication request to the NAC? In this case we also get the radius request without MAC address.
05-18-2020 07:24 PM
add the VPN gateway to your ExtremeControl as VPN and not as L2 device.
The FortiGate works!
you will see the end-system in the table, the MAC will be fake (generated) but you will see IP address (accounting is needed), you will see status, username...
05-18-2020 02:15 PM
You’re right, the key identifier for the NAC is a MAC.
However a VPN authentication request rely on L3 connectivity and will always use the IP for this attribute.
The Callind-Station-Id is a MAC+SSID when there is a dialog between a wireless controller and the NAC because in this case there is a L2 binding.
I’m afraid there will be no solution to make the session appear in the End-Systems