Product and Software: This article applies to all ArubaOS versions.
AirWave counts the number of users based on the SNMP query result of wlanStaAccessPointESSID (OID 1.3.6.1.4.1.14823.2.2.1.5.2.2.1.1.12). This is number of stations that are currently associated.
For example:
snmpwalk -v 2c -c isg 10.168.127.5 1.3.6.1.4.1.14823.2.2.1.5.2.2.1.1.12
SNMPv2-SMI::enterprises.14823.2.2.1.5.2.2.1.1.12.0.22.234.240.199.50 = STRING: "WPA-TEST"
(ArubaM3K1) #show station-table
Station Entry
-------------
MAC Name Role Age(d:h:m) Auth AP name Essid Phy Remote Profile
------------ ------ ---- ---------- ---- ------- ----- --- ------ -------
00:16:ea:f0:c7:32 WPA-eID-User 00:00:00 No wpa2test WPA-TEST a No EDW-SIUE-WPA-AAA
Station Entries: 1
(ArubaM3K1) #show user
Users
-----
IP MAC Name Role Age(d:h:m) Auth VPN link AP name Roaming Essid/Bssid/Phy Profile
---------- ------------ ------ ---- ---------- ---- -------- ------- ------- --------------- -------
User Entries: 0/0
Before the user passes dot1x authentication, the user does not have an IP address. However, the user is associated to an AP. Using snmpwalk and the 'show station' command will provide the entry, but the user table has no entry.
In ArubaOS, an associated client might not be in the user table:
- if the client has not received an IP address if it is using DHCP
and
- if the client has received an IP (or statically configured with an IP), the client has not sent any IP packet
Another OID that can be queried is wlsxUserTable (OID 1.3.6.1.4.1.14823.2.2.1.4.1.2).
However, the same issue exists. As soon as a station is associated, the authentication module on Aruba controller creates an entry for this station.
Here is an example of the snmpwalk on this OID:
snmpwalk -v 2c -c isg 10.168.127.5 1.3.6.1.4.1.14823.2.2.1.4.1.2
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.3.0.22.234.240.199.50.0.0.0.0 = "
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.4.0.22.234.240.199.50.0.0.0.0 = STRING: "WPA-eID-User"
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.5.0.22.234.240.199.50.0.0.0.0 = Timeticks: (19900) 0:03:19.00
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.6.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.7.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.8.0.22.234.240.199.50.0.0.0.0 = "
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.9.0.22.234.240.199.50.0.0.0.0 = IpAddress: 0.0.0.0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.10.0.22.234.240.199.50.0.0.0.0 = STRING: "wpa2test"
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.11.0.22.234.240.199.50.0.0.0.0 = Hex-STRING: 00 0B 86 AC E1 D0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.12.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.13.0.22.234.240.199.50.0.0.0.0 = IpAddress: 0.0.0.0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.14.0.22.234.240.199.50.0.0.0.0 = INTEGER: 3
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.15.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.16.0.22.234.240.199.50.0.0.0.0 = INTEGER: 400
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.17.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.18.0.22.234.240.199.50.0.0.0.0 = "
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.19.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.20.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.21.0.22.234.240.199.50.0.0.0.0 = INTEGER: 2
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.22.0.22.234.240.199.50.0.0.0.0 = INTEGER: 400
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.23.0.22.234.240.199.50.0.0.0.0 = INTEGER: 2
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.24.0.22.234.240.199.50.0.0.0.0 = INTEGER: 5
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.25.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.26.0.22.234.240.199.50.0.0.0.0 = INTEGER: 1
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.27.0.22.234.240.199.50.0.0.0.0 = "
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.28.0.22.234.240.199.50.0.0.0.0 = "
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.29.0.22.234.240.199.50.0.0.0.0 = INTEGER: 2
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.30.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.31.0.22.234.240.199.50.0.0.0.0 = "
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.32.0.22.234.240.199.50.0.0.0.0 = INTEGER: 2
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.33.0.22.234.240.199.50.0.0.0.0 = INTEGER: 0
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.34.0.22.234.240.199.50.0.0.0.0 = INTEGER: 1
SNMPv2-SMI::enterprises.14823.2.2.1.4.1.2.1.35.0.22.234.240.199.50.0.0.0.0 = INTEGER: 10
But the user is still not in the user table:
(ArubaM3K1) #show user
Users
-----
IP MAC Name Role Age(d:h:m) Auth VPN link AP name Roaming Essid/Bssid/Phy Profile
---------- ------------ ------ ---- ---------- ---- -------- ------- ------- --------------- -------
User Entries: 0/0
So, the AirWave GUI might not match the output of the 'show user-table' command.