Community Tribal Knowledge Base

Making DHCP mandatory on Aruba WLAN

These days, most clients obtain an ip address via DHCP. One method for ensuring that users do not use static ip addresses is to turn on the Enforce DHCP parameter in the AAA profile for that WLAN:


You can find out the DHCP server that a user obtained the ip address from by typing "show user ip "

Name: , IP: 192.168.1.192, MAC: 00:23:6c:90:05:11, Role:authenticated, ACL:56/0, Age: 00:00:00
Authentication: No, status: not started, method: , protocol: , server:
Role Derivation: AAA profile default role
VLAN Derivation: unknown
Idle timeouts: 0, ICMP requests sent: 0, replies received: 0, Valid ARP: 0
Mobility state: Wireless, HA: Yes, Proxy ARP: No, Roaming: No Tunnel ID: 0 L3 Mob: 0
Flags: internal=0, trusted_ap=0, l3auth=0, mba=0
Flags: innerip=0, outerip=0, guest=0, download=1, nodatapath=0, wispr=0
Auth fails: 0, phy_type: g-HT, reauth: 0, BW Contract: up:0 down:0, user-how: 1
Vlan default: 1, Assigned: 0, Current: 1 vlan-how: 0
Mobility Messages: L2=0, Move=0, Inter=0, Intra=0, ProxyArp=0, Flags=0x0
Tunnel=0, SlotPort=0xfdf, Port=0x10ca (tunnel 10)
Role assigment - L3 assigned role: n/a, VPN role: n/a, Dot1x cached role : n/a
Current Role name: authenticated role-how: 10
Essid: iperf, Bssid: 00:1a:1e:50:19:f0 AP name/group: 00:0b:86:64:34:80/default Phy-type: g-HT
RadAcct sessionID:n/a
RadAcct Traffic In 15/3121714928769182928 Out 722203740/65151000500 (0:15/11090:36656:11090:11472,11019:62556/0:15:11085:24500)
Timers: arp_reply 0, spoof reply 0, reauth 0
Profiles AAA:iperf-aaa_prof, dot1x:dot1x_prof-ild63, mac: CP: def-role:'authenticated' sip-role:'' via-auth-profile:''
ncfg flags udr 0, mac 0, dot1x 1, RADIUS interim accounting 0
Born: 1316439943 (Mon Sep 19 08:45:43 2011)
Upstream AP ID: 0, Downstream AP ID: 0
DHCP assigned IP address 192.168.1.192, from DHCP server 192.168.1.3 <-------------------------
Device Type: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:6.0.2) Gecko/20100101 Firefox/6.0.2



Enforcing DHCP can also deal with issues like secondary ip addresses of clients finding their way into the controller user table like in the post here: http://community.arubanetworks.com/t5/ArubaOS-and-Mobility-Controllers/Weirdness-with-mobile-handsets/td-p/14463 

Version history
Revision #:
2 of 2
Last update:
‎11-15-2011 08:37 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.