Wireless Access

Reply
Occasional Contributor II

Datapath Session Table - AOS 6.1.3.4

I ran in to an issue at a customes site on Friday when trying to interogate the datapath session table for a particular client, on closer inspection the table didn't have any "denied traffic" in the session table. i've re-confirmed this today on our corporate controller were it fails todisplay any "denied traffic" for the entire datatpath session table, both controllers were 3000 controllers running 6.1.3.4 code.

 

Is this a recongnised issue?

Frequent Contributor II

Re: Datapath Session Table - AOS 6.1.3.4

i think you never see blocked connection in datapath because are "blocked",

you can see firewall hits counters

maybe you can see somethin in syslog if you enable it and creade a block rule with log flag in firewall if you want to see discarded connection details

 

for example this is my blocked session log

"Jan 18 09:33:00 :124006:  <WARN> |authmgr|  {24} ICMP srcip=192.168.0.100 dstip=192.168.1.128, type=8, code=0, sequence=2091, id=8214, action=deny, role=Ospiti-guest-logon, policy=bloccaspoof





Andrea Consadori
ACMP 5.0 and 6.3


-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Occasional Contributor II

Re: Datapath Session Table - AOS 6.1.3.4

No this is definitely something that used to be there, I've used it many a time, just doesn't appear to be there now.

Frequent Contributor II

Re: Datapath Session Table - AOS 6.1.3.4

you're right, flag D..

Andrea Consadori
ACMP 5.0 and 6.3


-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: