...
Another requirement in the eduroam policy is that the eduroam SP is required to maintain logs of the authentication and of MAC-address to IP address bindings. LANCOM devices can satisfy both by logging events via syslog. By default, the device keeps short-term logs by logging to "127.0.0.1". The logs can be viewed by navigating to the menu ""LCOS Menu Tree" > "Status" > "TCP-IP" > "syslog" > "Last Messages" and look like the following (prefixed with the exact timestamp, left out for readability reasons):
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6cf7ab1c-5e51-4bfe-b0bd-9c5eb7d4e8ed"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] Associated WLAN station 64:b9:e8:a0:2e:a4 [] ] ]></ac:plain-text-body></ac:structured-macro><ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="496e9b42-c638-406f-b161-8b25f708a8c7"><ac:plain-text-body><![CDATA[ | |
AUTH | Notice | [WLAN-1] WLAN station 64:b9:e8:a0:2e:a4 [] authenticated via 802.1x [user name is certuser-2010-001@restena.lu] ] ]></ac:plain-text-body></ac:structured-macro><ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d7327e2e-27c1-4de3-9ec7-64fc48f4cccb"><ac:plain-text-body><![CDATA[ | ||
AUTH | Notice | [WLAN-1] Key handshake with peer 64:b9:e8:a0:2e:a4 successfully completed | ]]></ac:plain-text-body></ac:structured-macro> | <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c61e6fe9-1669-403d-87e2-9d4a6ade5104"><ac:plain-text-body><![CDATA[ |
AUTH | Notice | [WLAN-1] Connected WLAN station 64:b9:e8:a0:2e:a4 [] ] ]></ac:plain-text-body></ac:structured-macro><ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c2ea3b22-308a-40eb-9d79-f11559d7f3de"><ac:plain-text-body><![CDATA[ | ||
AUTH | Notice | [WLAN-1] Determined IPv4 address for station 64:b9:e8:a0:2e:a4 []: 158.64.3.24 | ]]></ac:plain-text-body></ac:structured-macro> | <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="38c7d54d-a71c-4590-9182-b256238720ac"><ac:plain-text-body><![CDATA[ |
AUTH | Notice | [WLAN-1] Determined IPv6 address for station 64:b9:e8:a0:2e:a4 []: 2001:0a18:0000:0403:66b9:e8ff:fea0:2ea4 | ]]></ac:plain-text-body></ac:structured-macro> | <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0f12503e-7164-489f-b0ef-91a1b1ee9721"><ac:plain-text-body><![CDATA[ |
AUTH | Notice | [WLAN-1] Determined IPv6 address for station 64:b9:e8:a0:2e:a4 []: fe80:0000:0000:0000:66b9:e8ff:fea0:2ea4 | ]]></ac:plain-text-body></ac:structured-macro> | <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e0a97075-b798-4643-b444-ff714c91443b"><ac:plain-text-body><![CDATA[ |
AUTH | Notice | [WLAN-1] Disassociated WLAN station 64:b9:e8:a0:2e:a4 [] due to station request (Disassociated because sending station is leaving BSS ]]></ac:plain-text-body></ac:structured-macro> |
As you can see, the authentication itself and all MAC -> IP binding actions are logged, both for IPv4 and IPv6.
...