Controller Based WLANs

How to use the Device Name as the User Name for a Non-802.1x authenticated Client?
Requirement:

How to use the Device Name as the User Name for a Non-802.1x authenticated Clients?

 

The controllers should be running minimum AOS: 6.5.x or above.



Solution:

 

By default for all Non-802.1x authenticated client, the MAC address of the host device were used as the user name. Using the MAC address it was difficult to identify the host. So starting from AOS: 6.5.x we have introduced an option called "Set username from dhcp option 12" under the aaa profile. When this option is set it will use the Device Name as the User Name for the Non-802.1x authenticated clients. 

This option is disabled by default. When this option is enabled it gets the device name using the DHCP option 12 and uses it as the user name for the host. After enabling this option it is mandatory for the client/host to go through the DHCP transaction at least once so that the controller can capture the DHCP option 12 and use it as the user name.



Configuration:

Configuring username-from-dhcp-opt12:

(Aruba-Master) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z

(Aruba-Master) (config) #aaa profile test-aaa
(Aruba-Master) (AAA Profile "test-aaa") #username-from-dhcp-opt12
(Aruba-Master) (AAA Profile "test-aaa") #exit

 



Verification

 

(Aruba-Master7240) #show aaa profile test-aaa

AAA Profile "test-aaa"
---------------------
Parameter                           Value
---------                           -----
Initial role                        logon
MAC Authentication Profile          N/A
MAC Authentication Default Role     guest
MAC Authentication Server Group     default
802.1X Authentication Profile       N/A
802.1X Authentication Default Role  guest
802.1X Authentication Server Group  N/A
Download Role from CPPM             Disabled
Set username from dhcp option 12    Enabled
L2 Authentication Fail Through      Disabled
Multiple Server Accounting          Disabled
User idle timeout                   N/A
Max IPv4 for wireless user          2
RADIUS Accounting Server Group      N/A
RADIUS Interim Accounting           Disabled
XML API server                      N/A
RFC 3576 server                     N/A
User derivation rules               N/A
Wired to Wireless Roaming           Enabled
SIP authentication role             N/A
Device Type Classification          Enabled
Enforce DHCP                        Disabled
PAN Firewall Integration            Disabled
Open SSID radius accounting         Disabled

Example:

Before enabling username-from-dhcp-opt12:

(Aruba-Master7240) #show user-table

Users
-----
    IP           MAC            Name     Role      Age(d:h:m)  Auth  VPN link  AP name  Roaming  Essid/Bssid/Phy  Profile  Forward mode  Type  Host Name
----------  ------------       ------    ----      ----------  ----  --------  -------  -------  ---------------  -------  ------------  ----  ---------
20.20.20.1  f0:1f:af:52:42:9f            logon     00:00:01                    0/0/1    Wired                     test-aaa  tunnel

User Entries: 1/1
 Curr/Cum Alloc:1/8 Free:0/7 Dyn:1 AllocErr:0 FreeErr:0

 

 After enabling username-from-dhcp-opt12:

 (Aruba-Master7240) #show user-table

Users
-----
    IP           MAC            Name          Role      Age(d:h:m)  Auth  VPN link  AP name  Roaming  Essid/Bssid/Phy  Profile  Forward mode  Type     Host Name
----------  ------------       ------         ----      ----------  ----  --------  -------  -------  ---------------  -------  ------------  ----     ---------
20.20.20.1  f0:1f:af:52:42:9f  Test-aruba-PC  logon     00:00:01                    0/0/1    Wired                     test-aaa  tunnel        Windows

User Entries: 1/1
 Curr/Cum Alloc:1/8 Free:0/7 Dyn:1 AllocErr:0 FreeErr:0

 

In the above example the Test-aruba-PC is the the computer name on the host. The controller reads the device name from DHCP option 12 and it reflects in the above output. 
 

 

Version History
Revision #:
2 of 2
Last update:
‎07-21-2016 02:19 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.