Wireless Access

Reply
MVP
Posts: 1,422
Registered: ‎10-25-2011

Client Session Report and User Roles (initial and post-auth) can it report on a user who had both?

Hi Everyone,

 

I was asked a particular question the other day and I couldn't answer it because I was not sure how Airwave treated user roles in the Client Session Report.

 

This was what I was asked

"Presumably any client who has an entry with a 'post authentication' role also at some previous point had an 'initial role'  so called session, however, there are literally 0 occurrences of the same MAC having the 2 separate roles on separate lines when we run the session report

 

Is Airwave only using the last role?"

 

AMP Report configuration:

Under Client Sessions, only Session was chosen.

 

Report

ATTACHED

 

So I guess the question is can we report on a user initially connected to the wireless and then processed a captive portal and received a post-authentication role.

 

Use-case is coffee shops, marketing wants to know how many people initially associated and then processed the auth page to use the wifi service.

 

 

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Guru Elite
Posts: 20,993
Registered: ‎03-29-2007

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

Airwave reads the user table at 5 minute intervals, so it is possible when airwave read the user table, the user was not in the logon role, just in the post-auth role.  You should just process users in the post-auth role and that will give an accurate picture.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 1,422
Registered: ‎10-25-2011

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

Thx Colin.

 

We can definitely do that but we have no way currently of knowing whether associated users turn into "customer" by accepting terms and conditions and going into a post-auth role.

 

 

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Guru Elite
Posts: 20,993
Registered: ‎03-29-2007

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

pmonardo,

 

Would the user be in the post-auth role unless they accepted the terms and conditions?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 1,422
Registered: ‎10-25-2011

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

No they would not but the end customer wants to know how many associations
turn into valid sessions (post-auth role).

There is no way to track that since AMP polls every 5 min for client data.
Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
MVP
Posts: 1,422
Registered: ‎10-25-2011

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

[ Edited ]

We are also seeing tons of sessions with "-" as a role.....

 

 

Any ideas what this could be?

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Moderator
Posts: 1,252
Registered: ‎10-16-2008

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

I'd be interested in knowing what the Auth Type and Auth Time are for these clients.  Most often, clients with a '-' role are unauthenticated (negative auth time is a 2nd way of confirming lack of auth), and typically have no usage.  This is often the case with traps as the trap doesn't always have a role line for clients. Role info is currently gathered through polling.


Rob Gin
Senior QA Engineer - Network Services
Aruba Networks, a Hewlett Packard Enterprise Company
MVP
Posts: 1,422
Registered: ‎10-25-2011

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

What do you need from me to show you?
Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Moderator
Posts: 1,252
Registered: ‎10-16-2008

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

On the client page:

Filter for role '-'

Columns to view: snmp source, assoc time, duration, auth type, auth time, usage

 

You'll often see clients in '-' role when the SNMP source is a trap.

 

role-.jpg

 

Usage shouldn't be very high since it only constitutes auth requests and re-requests while the client is unauthenticated.


Rob Gin
Senior QA Engineer - Network Services
Aruba Networks, a Hewlett Packard Enterprise Company
MVP
Posts: 1,422
Registered: ‎10-25-2011

Re: Client Session Report and User Roles (initial and post-auth) can it report on a user who had bot

[ Edited ]

Here you go

Attached

 

This is a snapshot of the 9000+ clients in Airwave like this out of 22k currently...

 

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Search Airheads
Showing results for 
Search instead for 
Did you mean: