Controller Based WLANs

Why is the output of the ?show user-table? command (in ArubaOS) different from the AirWave GUI?

Product and Software: This article applies to all ArubaOS versions.

AirWave counts the number of users based on the SNMP query result of wlanStaAccessPointESSID (OID 1.3.6.1.4.1.14823.2.2.1.5.2.2.1.1.12). This is number of stations that are currently associated.

For example:

snmpwalk -v 2c -c isg 10.168.127.5 1.3.6.1.4.1.14823.2.2.1.5.2.2.1.1.12

SNMPv2-SMI::enterprises.14823.2.2.1.5.2.2.1.1.12.0.22.234.240.199.50 = STRING: "WPA-TEST"

(ArubaM3K1) #show station-table

Station Entry

-------------

MAC Name Role Age(d:h:m) Auth AP name Essid Phy Remote Profile

------------ ------ ---- ---------- ---- ------- ----- --- ------ -------

00:16:ea:f0:c7:32 WPA-eID-User 00:00:00 No wpa2test WPA-TEST a No EDW-SIUE-WPA-AAA

Station Entries: 1

(ArubaM3K1) #show user

Users

-----

IP MAC Name Role Age(d:h:m) Auth VPN link AP name Roaming Essid/Bssid/Phy Profile

---------- ------------ ------ ---- ---------- ---- -------- ------- ------- --------------- -------

User Entries: 0/0

Before the user passes dot1x authentication, the user does not have an IP address. However, the user is associated to an AP. Using snmpwalk and the 'show station' command will provide the entry, but the user table has no entry.

In ArubaOS, an associated client might not be in the user table:

  • if the client has not received an IP address if it is using DHCP

and

  • if the client has received an IP (or statically configured with an IP), the client has not sent any IP packet

Another OID that can be queried is wlsxUserTable (OID 1.3.6.1.4.1.14823.2.2.1.4.1.2).

However, the same issue exists. As soon as a station is associated, the authentication module on Aruba controller creates an entry for this station.

Here is an example of the snmpwalk on this OID:

snmpwalk -v 2c -c isg 10.168.127.5 1.3.6.1.4.1.14823.2.2.1.4.1.2

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.3.0.22.234.240.199.50.0.0.0.0 = "

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.4.0.22.234.240.199.50.0.0.0.0 = STRING: "WPA-eID-User"

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.5.0.22.234.240.199.50.0.0.0.0 = Timeticks: (19900) 0:03:19.00

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.6.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.7.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.8.0.22.234.240.199.50.0.0.0.0 = "

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.9.0.22.234.240.199.50.0.0.0.0 = IpAddress: 0.0.0.0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.10.0.22.234.240.199.50.0.0.0.0 = STRING: "wpa2test"

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.11.0.22.234.240.199.50.0.0.0.0 = Hex-STRING: 00 0B 86 AC E1 D0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.12.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.13.0.22.234.240.199.50.0.0.0.0 = IpAddress: 0.0.0.0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.14.0.22.234.240.199.50.0.0.0.0 = INTEGER: 3

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.15.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.16.0.22.234.240.199.50.0.0.0.0 = INTEGER: 400

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.17.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.18.0.22.234.240.199.50.0.0.0.0 = "

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.19.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.20.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.21.0.22.234.240.199.50.0.0.0.0 = INTEGER: 2

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.22.0.22.234.240.199.50.0.0.0.0 = INTEGER: 400

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.23.0.22.234.240.199.50.0.0.0.0 = INTEGER: 2

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.24.0.22.234.240.199.50.0.0.0.0 = INTEGER: 5

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.25.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.26.0.22.234.240.199.50.0.0.0.0 = INTEGER: 1

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.27.0.22.234.240.199.50.0.0.0.0 = "

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.28.0.22.234.240.199.50.0.0.0.0 = "

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.29.0.22.234.240.199.50.0.0.0.0 = INTEGER: 2

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.30.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.31.0.22.234.240.199.50.0.0.0.0 = "

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.32.0.22.234.240.199.50.0.0.0.0 = INTEGER: 2

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.33.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.34.0.22.234.240.199.50.0.0.0.0 = INTEGER: 1

SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.35.0.22.234.240.199.50.0.0.0.0 = INTEGER: 10

But the user is still not in the user table:

(ArubaM3K1) #show user

Users

-----

IP MAC Name Role Age(d:h:m) Auth VPN link AP name Roaming Essid/Bssid/Phy Profile

---------- ------------ ------ ---- ---------- ---- -------- ------- ------- --------------- -------

User Entries: 0/0

So, the AirWave GUI might not match the output of the 'show user-table' command.

Version History
Revision #:
1 of 1
Last update:
‎07-05-2014 03:41 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.