WLC: Radius Statistics Command
It is always nice to get emails from twitter and blog peeps. I received an email from Bruce from Erie, PA asking:
Hi George,
Have been enjoying reading the various information you have posted… but haven’t seen anything yet on one of my favorite autonomous commands that I haven’t found a WLC equivalent yet.
sh aaa server
Since we normally have 3 ACS servers defined on all implementations, this simple command lets me see quickly (after running “clear aaa counters server all”) which specific ACS server I should be looking on for failure/success logs. On WCS/WLC, I have yet to find anything so simple to quickly get me that information.
If you are aware of a WLC version of it, would love to see it covered as a topic. And if not, I still find my80211 to be very useful and enjoyable! Keep up the good work.
Thanks,
Bruce
RADIUS Statistics
Bruce, my friend, you are in luck! The following commands are the equivalent commands on the WLC
>show radius auth statistics
>clear stats radius auth all
Good information
When troubleshooting radius issues these stats come in handy! When your radius server is on the blink or if there is a configuration issue somewhere in the 'line' you can see if anything is passing through the WLC. Remember the WLC acts as the "authenticator" and simply passes the EAP packets between the client and the radius server "authentication server". No real heavy lifting is done by the WLC during this process.
show radius auth statistics output
(WiSM-slot3-1) >show radius auth statistics
Authentication Servers:
Server Index......................................... 1
Server Address...................................... 192.168.1.142
Msg Round Trip Time.............................. 4 (msec)
First Requests....................................... 5360993
Retry Requests...................................... 8772
Accept Responses.................................. 518894
Reject Responses................................... 64866
Challenge Responses.............................. 4777060
Malformed Msgs..................................... 0
Bad Authenticator Msgs........................... 0
Pending Requests................................... 0
Timeout Requests................................... 9299
Unknowntype Msgs................................. 0
Other Drops........................................... 321
Server Index........................................ 2
Server Address..................................... 192.168.1.100
Msg Round Trip Time.............................. 5 (msec)
First Requests....................................... 3722718
Retry Requests...................................... 5533
Accept Responses.................................. 371506
Reject Responses................................... 37869
Challenge Responses.............................. 3313262
Malformed Msgs..................................... 0
Bad Authenticator Msgs........................... 0
Pending Requests................................... 0
Timeout Requests................................... 5952
Unknowntype Msgs................................. 0
Other Drops...................................... 296
Reader Comments (2)
what is mean about *Other Drops* ?
You know I questioned that myself. Sorry I don'y specifics on that specific one ...