How do I enable and disable user-debug on an Aruba controller?

Aruba Employee

Question:  How do I enable and disable user-debug on an Aruba controller?

 

Product and Software: This article applies to ArubaOS 3.x and later.

Debugging can be enabled for a particular client by using the 'logging level debugging user-debug <user-mac-address>'command.

Example

(sd36x) #configure t

Enter Configuration commands, one per line. End with CNTL/Z

(sd36x) (config) #logging level debugging user-debug 00:01:02:03:04:05

The 'show debug' command can be used to view MAC addresses for which user-debug has been enabled.

Example

(sd36x) (config) #show debug

DEBUG LEVELS

------------

Facility Level Debug Value Sub Category Process

-------- ----- ----------- ------------ -------

user-debug debugging 00:01:02:03:04:05 N/A N/A

The 'no logging level debugging user-debug <user-mac-address>' command disables user debug.

Example

(sd36x) #configure t

Enter Configuration commands, one per line. End with CNTL/Z

(sd36x) (config) #no logging level debugging user-debug 00:01:02:03:04:05

The 'show log user-debug <all / number of lines>' command can be used to view user-debug logs.

Try to limit the number of users that are active while you are debugging. Logs can roll over quickly if there is lot of user activity. If you are logging to syslog server, this is less of a concern.

Example of a 'user-debug' log

Apr 27 18:51:56 :501095: <NOTI> |stm| Assoc request @ 18:51:56.668492: 00:26:08:a6:8c:59 (SN 1123): AP 192.168.162.200-00:1a:1e:8f:a6:40-h125-fa64
Apr 27 18:51:56 :501100: <NOTI> |stm| Assoc success @ 18:51:56.675194: 00:26:08:a6:8c:59: AP 192.168.162.200-00:1a:1e:8f:a6:40-h125-fa64
Apr 27 18:51:56 :501065: <DBUG> |stm| Sending STA 00:26:08:a6:8c:59 message to Auth and Mobility Unicast Encr WPA2 PSK AES Multicast Encr WPA2 PSK AES VLAN 0xa2
Apr 27 18:51:56 :522035: <INFO> |authmgr| MAC=00:26:08:a6:8c:59 Station UP: BSSID=00:1a:1e:8f:a6:40 ESSID=SKYNet VLAN=162 AP-name=h125-fa64
Apr 27 18:51:56 :522004: <DBUG> |authmgr| MAC=00:26:08:a6:8c:59 ingress 0x10ca (tunnel 10), u_encr 32, m_encr 32, slotport 0x1020
Apr 27 18:51:56 :522004: <DBUG> |authmgr| Deriving AAA profile from user attributes
Apr 27 18:51:56 :522004: <DBUG> |authmgr| AAA profile for wired user is "aaa-wired-ntlm"
Apr 27 18:51:56 :522004: <DBUG> |authmgr| MAC=00:26:08:a6:8c:59 def_vlan 162 derive vlan: 0 auth_type 0 auth_subtype 0
Apr 27 18:51:56 :500511: <DBUG> |mobileip| Station 00:26:08:a6:8c:59, 0.0.0.0: Received association on ESSID: SKYNet Mobility service ON, HA Discovery on Association Off, Fastroaming Disabled, AP: Name h125-fa64 Group dhln BSSID 00:1a:1e:8f:a6:40, phy g, VLAN 162
Apr 27 18:51:56 :500010: <NOTI> |mobileip| Station 00:26:08:a6:8c:59, 0.0.0.0: Mobility trail, on switch 192.168.162.1, VLAN 162, AP h125-fa64, SKYNet/00:1a:1e:8f:a6:40/g
Apr 27 18:52:00 :522026: <INFO> |authmgr| MAC=00:26:08:a6:8c:59 IP=192.168.162.194 User miss: ingress=0x10ca, VLAN=162
Apr 27 18:52:00 :522006: <INFO> |authmgr| MAC=00:26:08:a6:8c:59 IP=192.168.162.194 User entry added: reason=Sibtye
Apr 27 18:52:00 :522004: <DBUG> |authmgr| Station inherit: IP=192.168.162.194 start bssid:00:00:00:00:00:00 essid: port:0x10ca (0x10ca)
Apr 27 18:52:00 :522004: <DBUG> |authmgr| {L3} Update role from logon to authenticated for IP=192.168.162.194
Apr 27 18:52:00 :522004: <DBUG> |authmgr| Reset BWM contract: IP=192.168.162.194 role=authenticated, contract= (0), type=Per role
Apr 27 18:52:00 :522004: <DBUG> |authmgr| station inherit IP=192.168.162.194 bssid:00:1a:1e:8f:a6:40 essid: SKYNet auth:0 type: role:authenticated port:0x10ca
Apr 27 18:52:00 :522004: <DBUG> |authmgr| {192.168.162.194} autTable (" Unauthenticated authenticated ")
Apr 27 18:52:00 :522004: <DBUG> |authmgr| download: ip=192.168.162.194 acl=51/0 role=authenticated, Ubwm=0, Dbwm=0 tunl=0x10ca, PA=0, HA=1, RO=0, VPN=0

Version history
Revision #:
1 of 1
Last update:
‎07-07-2014 02:55 PM
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: