RADIUS and WLAN Infrastructure Monitoring - … · RADIUS and WLAN Infrastructure Monitoring Jovana...

connect • communicate • collaborate

RADIUS and WLAN Infrastructure

Monitoring

Jovana Palibrk, AMRES

NA3 T2, Sofia, 19.06.2014.


eduroam in Serbia

eduroam project in Serbia started at the end of 2009

Process of connecting AMRES institutions to eduroam service and

installation of equipment started in 2010

AMRES applied for donation from NATO SPS NIG program (Networking

Infrastructure Grant) with project “AMRES Access Infrastructure

Establishment” and got donation in 2010

Academic Network of Serbia www.amres.ac.rs


RP – Novi Sad

RP – Belgrade

FTLR

RP – Kragujevac

RP – Nis

NATO donation enabled

procurement of:

5 Cisco 5508 Wireless

Controllers that are

installed in 4 University

computing centers

190 access points that

have been installed in

more than 80 AMRES

member institutions in

17 cities

eduroam in Serbia


What is being monitored?

eduroam monitoring system is incorporated into our in-house network

monitoring system – NetIIS

AMRES institutions network administrators are already using NetIIS in their

every day technical activities

Monitoring and reporting

RADIUS servers (institutional RADIUS servers and Federation Top

Level RADIUS – FTLR server)

Network Access Infrastructure (wireless access points and controllers)



NetIIS – Networking Information and

Monitoring System

NetIIS is web based networking

information and monitoring system

In NetIIS all object from external

world are presented in easily

understandable way

Objects are hierarchically organized

and presented by a tree

folder

location users and group of users

groups

device

monitor alarm

action Academic Network of Serbia www.amres.ac.rs


NetIIS – Networking Information and

Monitoring System

Every institution has its own

location in NetIIS infrastructure,

under which eduroam folder is

placed

eduroam data and infrastructure

elements that are being monitored

are stored in that folder



Monitoring and reporting :

RADIUS servers

Testing availability of a RADIUS server over the network

Ping RADIUS server IP address

Testing operability of RADIUS servers :

eapol_test program from the wpa supplicant software is used

http://deployingradius.com/scripts/eapol_test/

Shell script on the NetIIS runs the eapol_test

Eap-ttls and peap tunnels can be tested

In case that some test fails, the alarm is being activated and mail

notifications are send to the technical contacts of the corresponding

institution


http://deployingradius.com/scripts/eapol_test/


Monitoring and reporting:

RADIUS Ping



NetIIS FTLR

IdP RADIUS RP RADIUS

Monitoring and reporting : RADIUS operability testing

eap ttls IdP + FTLR

eap ttls RP

eap ttls IdP

eap ttls Proxy


eap-ttls [email protected]


RADIUS IdP

NetIIS inst.ac.rs IdP RADIUS

Operability of eap tunnel established directly to the IdP RADIUS server

is tested

eapol_test




RADIUS IdP

Radius Status and Delay graphs (period of 15 days)




RADIUS IdP + FTLR

Operability of eap tunnel established over the FTLR server to the IdP

RADIUS server is tested eap-ttls

[email protected] eapol_test eapol_test

NetIIS FTLR


inst.ac.rs IdP RADIUS





RADIUS IdP + FTLR


Operability of eap tunnel established over the institutional RADIUS sever and

FTLR server to the monitor RADIUS server is tested

RP RADIUS

monitor RADIUS

FTLR


eapol_test

NetIIS monitor.eduroam.ac.rs

RADIUS



RADIUS RP





RADIUS RP


The availability and operability of FTLR server are tested

monitor RADIUS

FTLR

eapol_test

NetIIS monitor.eduroam.ac.rs

IdP RADIUS




FTLR


Usage statistics –

eduroam usage monitor

Total number of successfully authenticated users on given RP institution

taken for:

The same IdP institution – local users

Other IdP institution from the same country – national users

IdP institution from other countries – international users

script

3 numbers

radius.log

SNMP

RP RADIUS NetIIS


3 numbers




Usage statistics –



eduroam_usage monitor –

local users


Number of local users (period of 30 days)



national users


Number of national users (period of 30 days)



Number of international users (period of 30 days)


international users


Usage statistics – Splunk software

RP radius servers send syslog messages to splunk server which is used

for making statistics

For easier analysis , messages are formatted on RP radius servers

using radius line log and syslog-ng

Messages collected on splunk server:


Number of AMRES user devices, on

all AP in Belgrade


Number of international user devices,

on AP in Belgrade


Monitoring and reporting –

Access Points

Ping

Number of the connected users



Monitoring and reporting –

Wireless LAN Controllers

Ping

Number of DHCP clients:

Bad alarm – more than 100

addresses are being used

Good alarm – less than 100

addresses are being used



Groups of monitors –

Access Points




Institutional RADIUS Servers





FTLR


Questions?


Thank you!

RADIUS and WLAN Infrastructure Monitoring - … · RADIUS and WLAN Infrastructure Monitoring Jovana...

Documents

Transcript of RADIUS and WLAN Infrastructure Monitoring - … · RADIUS and WLAN Infrastructure Monitoring Jovana...