LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

April 2007

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS April 2007

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: user tracking with clean access
From:	"King, Michael" <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Mon, 9 Apr 2007 11:27:59 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (56 lines)

David,
To expand on what Don explained.

With CCA, if you setup syslogging to an external box, you will keep
records of Username-IP-MAC mappings for as long as you wish.  The
external syslog server is desired, since CCA's internal syslog will
purge after so many records. (I think it's 300,000)

It's a trival matter then to grep the logs (or if you use a web-front
end Syslog box, just search) for the IP and the date range, you'll get
what your looking for.

In short, we just let DHCP handle the addressing, and if we have to look
them up, we do.

The Dynamic DNS is a route we haven't really chased down.  We used to do
it, pre-CCA, but it hasn't really come up, and nobody has asked us for
it.  We assume they are just using one of the free Dynamic DNS services
on the internet.  They have more control over the hostname. (Ours would
be very boring, most likely using MAC address or something) 

> -----Original Message-----
> From: Cisco Clean Access Users and Administrators 
> [mailto:[log in to unmask]] On Behalf Of David Warner
> Sent: Monday, April 09, 2007 10:50 AM
> To: [log in to unmask]
> Subject: user tracking with clean access
> 
> We are planning to implement Clean Access for our campus 
> network this summer.  We currently require our resnet users 
> to go through a customized resnet process which includes 
> assigning each computer hardware address a particular IP 
> address for the entire school year.  We then create a 
> matching dns entry for that IP address & student.
> 
> I would like to hear what other schools are doing clean 
> access and your IP address assignment.  Are you using all 
> dynamic DHCP addresses and searching the logs for instances 
> where you must track down problem machines or RIAA requests?  
> Do you use some method to assign the same address to 
> particular machines?
> 
> Any ideas would be helpful.
> 
> 
> 
> David Warner, CCNA
> Network Specialist
> Wesleyan University
> Information Technology Services
> Middletown, CT 06459
> 
> **************************************************************
> ************* 
>

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU