Datapath session table through NAT

I've got a controller that has a guest network on it. The controller has an RFC 1918 range on it, is serving DHCP, and is providing NAT/PAT. I'm trying to figure out a way to get source/destination flows from it. On our non-guest range, I can issue a "show datapath session table x.x.x.x" and get both outbound and inbound flows. However, on the guest range, I only get outbound flows:

 

  Source IP     Destination IP  Prot SPort DPort  Cntr Prio ToS Age Destination TAge Packets   Bytes      Flags
--------------  --------------  ---- ----- -----  ---- ---- --- --- ----------- ---- --------- ---------  -----
192.168.93.61   23.61.194.96    6    49490 80     0/0     0 24  9   tunnel 930  a3   217       17093      STC
192.168.93.61   23.61.194.96    6    49491 80     0/0     0 24  9   tunnel 930  a3   76        6556       STC
192.168.93.61   23.61.194.112   6    49496 80     0/0     0 24  9   tunnel 930  a2   115       8226       STC
192.168.93.61   23.61.194.112   6    49497 80     0/0     0 24  9   tunnel 930  a2   21        1960       STC
192.168.93.61   23.61.194.96    6    49494 80     0/0     0 24  10  tunnel 930  a2   12        954        STC
192.168.93.61   23.61.194.96    6    49492 80     0/0     0 24  9   tunnel 930  a3   37        2912       STC
192.168.93.61   17.172.232.152  6    49308 443    0/0     0 24  23  tunnel 930  44b  0         0          STC
192.168.93.61   17.154.66.156   6    49501 443    0/0     0 24  10  tunnel 930  a0   20        2403       STC
192.168.93.61   23.61.194.104   6    49495 80     0/0     0 24  9   tunnel 930  a2   172       14243      STC
192.168.93.61   216.113.175.215 6    49383 443    0/0     0 24  24  tunnel 879  18f  0         0          STC

 

 

Any idea how to get a capture for inbound flows as well?  Thx

Re: Datapath session table through NAT

Although it might not be the complete answer you're looking for, I've one tip...

 

Say for instance you're looking for the inbound session of the first outbound one listed in your table. In that case, do a...

 

"show datapath session table | include 49490"

 

This will match anything with that source port, which actually shows what I think you're looking for more often than not.

 

For example, I just did the below on one of my controllers set up similarly to what you likely will have. In this case, matching port 59211, after I looked at client 172.16.10.84 sessions...

 

(WLCBSA001) #show datapath session table | include 59211
172.16.10.84    67.215.65.132   6    59211 1352   0/0     0 0   1   tunnel 43   17   0         0          SYC
67.215.65.132   194.x.x.x 6    1352  59211  0/0     0 0   1   tunnel 43   17   0         0          NY

 

194.x.x.x is my outside interface.

 

 

Kudos appreciated, but I'm not hunting! (ACMX 104)
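
The reply above pairs an outbound session with its return entry by matching on the port. As an added example (not part of the original posts and not vendor code), this sketch parses pasted "show datapath session table" output and, for every flow sourced inside a given client range, finds the return row with swapped ports and reports the address that row is destined to. It assumes the column layout shown in the thread and that PAT preserves the client's source port, as in the reply's output; the sample rows and the address 198.51.100.7 are constructed.

```python
import ipaddress
import re

# src, dst, protocol, source port, destination port (first five columns)
ROW = re.compile(r"^\s*(\S+)\s+(\S+)\s+(\d+)\s+(\d+)\s+(\d+)\s")

# Constructed sample in the thread's column layout; 198.51.100.7 is a
# placeholder for the controller's outside (NAT) address.
SAMPLE = """\
172.16.10.84    67.215.65.132   6    59211 1352   0/0     0 0   1   tunnel 43   17   0         0          SYC
67.215.65.132   198.51.100.7    6    1352  59211  0/0     0 0   1   tunnel 43   17   0         0          NY
172.16.10.84    23.61.194.96    6    49490 80     0/0     0 24  9   tunnel 43   a3   217       17093      STC
"""

def parse(text):
    """Yield (src, dst, proto, sport, dport); header and prompt lines are skipped."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            src, dst, proto, sport, dport = m.groups()
            yield src, dst, int(proto), int(sport), int(dport)

def is_inside(addr, net):
    try:
        return ipaddress.ip_address(addr) in net
    except ValueError:  # masked or malformed address such as 194.x.x.x
        return False

def pair_flows(text, inside_cidr):
    """Match each inside-sourced flow to the return row with swapped ports."""
    net = ipaddress.ip_network(inside_cidr)
    flows = list(parse(text))
    # Return candidates keyed by (remote IP, proto, remote port, client port).
    returns = {(s, p, sp, dp): d for s, d, p, sp, dp in flows
               if not is_inside(s, net)}
    pairs = []
    for src, dst, proto, sport, dport in flows:
        if is_inside(src, net):
            # return_dst == client: no NAT; another address: the NAT address;
            # None: no return entry in the pasted output.
            pairs.append({"client": src, "remote": dst, "proto": proto,
                          "sport": sport, "dport": dport,
                          "return_dst": returns.get((dst, proto, dport, sport))})
    return pairs

if __name__ == "__main__":
    for p in pair_flows(SAMPLE, "172.16.0.0/12"):
        print(p)
```

Flows that come back with return_dst set to None are the ones worth a second look: either the pasted output was filtered by client IP, which hides rows addressed to the NAT address, or the return entry has aged out.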