ArubaOS and Controllers

New Contributor
Posts: 3
Registered: ‎12-28-2010

Show denied ports

I used 'sh user ip' to look for access-list denied connections and it didn't work. I mean it didn't show 'D' denied connections on some port which started to work after I allowed it through a new access-list entry. How can I look for denied sessions in real time?
Guru Elite
Posts: 20,789
Registered: ‎03-29-2007

Re: Show denied ports

Use "show datapath session table "

http://airheads.arubanetworks.com/vBulletin/showthread.php?t=942


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 3
Registered: ‎12-28-2010

Re: Show denied ports

I tried this one too but it's pretty much the same as 'sh user ip'... I mean if you do 'show' too late it will not include something which was denied 15 min earlier ..?
Guru Elite
Posts: 20,789
Registered: ‎03-29-2007

Re: Show denied ports

The only way you can show denied user information is by configuring a firewall policy to deny and then putting the "log" option in there. You can then see the denies in the security log:


show log security 50


Oct 26 13:54:23 authmgr: <124006> |authmgr| {9667} UDP srcip=192.168.105.187 srcport=427 dstip=10.10.10.216 dstport=427, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:54:50 authmgr: <124006> |authmgr| {9668} UDP srcip=192.168.105.187 srcport=427 dstip=10.10.10.216 dstport=427, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:55:13 authmgr: <124006> |authmgr| {9669} UDP srcip=192.168.105.103 srcport=123 dstip=10.31.253.21 dstport=123, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:55:15 authmgr: <124006> |authmgr| {9670} UDP srcip=192.168.105.59 srcport=54359 dstip=192.168.105.250 dstport=5351, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:55:17 authmgr: <124006> |authmgr| {9671} UDP srcip=192.168.105.187 srcport=427 dstip=10.10.10.216 dstport=427, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:55:44 authmgr: <124006> |authmgr| {9672} UDP srcip=192.168.105.187 srcport=427 dstip=10.10.10.216 dstport=427, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:55:45 authmgr: <124006> |authmgr| {9673} TCP srcip=192.168.105.103 srcport=2291 dstip=10.32.99.30 dstport=82, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:55:52 authmgr: <124006> |authmgr| {9674} TCP srcip=192.168.105.159 srcport=1762 dstip=10.1.228.245 dstport=8083, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:56:06 authmgr: <124006> |authmgr| {9675} TCP srcip=192.168.105.103 srcport=2291 dstip=10.32.99.30 dstport=82, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy
Oct 26 13:56:11 authmgr: <124006> |authmgr| {9676} UDP srcip=192.168.105.187 srcport=427 dstip=10.10.10.216 dstport=427, action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy


Colin Joseph
Aruba Customer Engineering
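An added example, not part of the original thread: once the deny rule carries the "log" option, the security log output can be summarised offline to see which destination ports are being denied and by which policy. The field layout is assumed from the lines quoted above; the function names are hypothetical, and the sample lines are copied from the post plus one constructed non-matching line.

```python
import re
from collections import defaultdict

# Field layout assumed from the "show log security" lines quoted in the thread.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+authmgr:.*?"
    r"(?P<proto>TCP|UDP)\s+srcip=(?P<srcip>\S+)\s+srcport=(?P<srcport>\d+)\s+"
    r"dstip=(?P<dstip>\S+)\s+dstport=(?P<dstport>\d+),\s*action=(?P<action>\w+),"
    r"\s*role=(?P<role>[^,]+),\s*policy=(?P<policy>\S+)"
)
PREFIX = "authmgr: <124006> |authmgr|"
TAIL = "action=deny, role=Guest-Logon-Role, policy=Guest-Logon-Policy"
# First five lines are taken from the post; the last one is constructed noise.
SAMPLE = [
    f"Oct 26 13:54:23 {PREFIX} {{9667}} UDP srcip=192.168.105.187 srcport=427 dstip=10.10.10.216 dstport=427, {TAIL}",
    f"Oct 26 13:55:13 {PREFIX} {{9669}} UDP srcip=192.168.105.103 srcport=123 dstip=10.31.253.21 dstport=123, {TAIL}",
    f"Oct 26 13:55:45 {PREFIX} {{9673}} TCP srcip=192.168.105.103 srcport=2291 dstip=10.32.99.30 dstport=82, {TAIL}",
    f"Oct 26 13:56:06 {PREFIX} {{9675}} TCP srcip=192.168.105.103 srcport=2291 dstip=10.32.99.30 dstport=82, {TAIL}",
    f"Oct 26 13:56:11 {PREFIX} {{9676}} UDP srcip=192.168.105.187 srcport=427 dstip=10.10.10.216 dstport=427, {TAIL}",
    "Oct 26 13:56:12 constructed line that is not a firewall record",
]

def parse_line(line):
    """Return the fields of one firewall log line, or None if it does not match."""
    m = LINE_RE.search(line.strip())
    return m.groupdict() if m else None

def summarize_denies(lines):
    """Group denies by (protocol, dstip, dstport); most frequent flows first."""
    flows = defaultdict(lambda: {"count": 0, "sources": set(),
                                 "first": None, "last": None, "policy": None})
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["action"] != "deny":
            continue  # skip unrelated lines and any non-deny actions
        flow = flows[(rec["proto"], rec["dstip"], int(rec["dstport"]))]
        flow["count"] += 1
        flow["sources"].add(rec["srcip"])
        flow["first"] = flow["first"] or rec["ts"]
        flow["last"] = rec["ts"]
        flow["policy"] = rec["policy"]
    # sorted() is stable, so ties keep the order in which flows first appeared
    return sorted(flows.items(), key=lambda kv: -kv[1]["count"])

if __name__ == "__main__":
    for (proto, dstip, dport), f in summarize_denies(SAMPLE):
        print(f"{proto} {dstip}:{dport} denied {f['count']}x by {f['policy']} "
              f"({f['first']} to {f['last']}) from {sorted(f['sources'])}")
```

Unlike the session table, this works on whatever history the log retains, so a deny from 15 minutes earlier still shows up.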


New Contributor
Posts: 3
Registered: ‎12-28-2010

Re: Show denied ports

Thanks