...
The Access point needs to be synchronised with a NTP or SNTP time server (which was set up using the wizard), which requires correct timezone settings. Click on "Configuration" -> "Date & Time" -> "General". and verify that the correct time zone and dayight saving time settings are set (see screenshot).
B.2.3 Logging
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="86f28e0e040f5e99-83c2435b-484048dc-a9d4a215-df7ff37e3e30a61729c9d70f"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] Associated WLAN station 64:b9:e8:a0:2e:a4 [] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c99b2470575a0406-28daec56-4bb64352-ab95b59e-99bc4b3d8a2e56549ec66ff1"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] WLAN station 64:b9:e8:a0:2e:a4 [] authenticated via 802.1x [user name is certuser-2010-001@restena.lu] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9bb590991ed51f3f-b19ce709-4ec94d57-94ff8f89-eb2eb40b85c53e4cbed7053b"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] Key handshake with peer 64:b9:e8:a0:2e:a4 successfully completed | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="48d8b48fc5945b91-d38cded3-41704558-84439d2b-bdb52aa99276dad872ae3a44"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] Connected WLAN station 64:b9:e8:a0:2e:a4 [] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="30c76547de6a076c-729def8d-41f94bba-810a933e-4636f34f176894da6b19e69a"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] Determined IPv4 address for station 64:b9:e8:a0:2e:a4 []: 158.64.3.24 | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2e2a0b2a6ff335ba-33468984-456244a7-aec6b59c-58594206e644fcb4ec9c5e41"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] Determined IPv6 address for station 64:b9:e8:a0:2e:a4 []: 2001:0a18:0000:0403:66b9:e8ff:fea0:2ea4 | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="fdfdb7c56bb0c9c1-b64a2a85-41af4b39-9f70a8e0-618532c8093e1a1865d34f03"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] Determined IPv6 address for station 64:b9:e8:a0:2e:a4 []: fe80:0000:0000:0000:66b9:e8ff:fea0:2ea4 | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ab6928e1c6c98306-00fff86c-47f24613-a5dd9548-53d40fc7c0518a8a1949c1e4"><ac:plain-text-body><![CDATA[ | AUTH | Notice | [WLAN-1] Disassociated WLAN station 64:b9:e8:a0:2e:a4 [] due to station request (Disassociated because sending station is leaving BSS | ]]></ac:plain-text-body></ac:structured-macro> |
...
A recurring question is "Why is Client EAP method irrelevant?" The answer is: this setting refers to which authentication method the access point should use when it is in Client mode (i.e. it acts as a supplicant to connect to another access point). When in Access Point mode, its role is by design limited to transparently pass all authentication methods to a RADIUS server.
B.2.6
...
If RADIUS accounting for the eduroam SSID shall be enabled, you must configure a RADIUS server to receive
the accounting messages:
- Select Expert Configuration>Setup – WLAN – RADIUS-Accounting and complete the server details:
- Afterwards, activate the actual RADIUS Accounting reporting under Expert Configuration>Setup –
Interfaces – WLAN – Network – RADIUS-Accounting
...
Using RadSec instead of RADIUS (optional)
LANCOM devices have a RadSec client built-in. It can be used instead of standard RADIUS for the uplink to an
IdP.
To use RadSec, you must have been given a eduroam Service Provider X.509 certificate from your NRO. First,
upload this certificate and the eduGAIN CA certificate (which can be downloaded athttp://sca.edugain.org/cacert/eduGAINCA.pem) via the device's "File Upload" menu: 
Then, go to Expert Configuration>Setup>IEEE802.1X>RADIUS Server and set the Protocol option to
RADSEC: 
The same option is also present in the RADIUS Accounting server menu that was discussed above. When
RadSec is to be used, we strongly suggest to use it for both authentication and accounting.