Wireless Access

Reply
MVP
Posts: 2,954
Registered: ‎10-25-2011

Wired clients on APS(rap3, rap 109 etc) user table

Does anyone know why i need to make the port untrusted  and well using split tunnel for example to make it appear on the user table? if i make it trusted then it wont appear... why is that?

 

Also i got an ip phone plugged to a rap3 here on my home and i see this

 

172.17.7.12:-255/9 on the ESSID


And my workstation

 

172.17.7.12:0/1 on the ESSID

 

Well when i saw my workstation i though oh its the port 0/1 and well my workstation is plugged to that port to the port 1 nice...

 

But then i saw 172.17.7.12:-255/9 and i was like whats the 255/9?? its plugged to port 2

 

Any ideas what is it?

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Aruba
Posts: 1,643
Registered: ‎04-13-2009

Re: Wired clients on APS(rap3, rap 109 etc) user table

By marking a port untrusted, you are saying you want to identify the device.   This enables a AAA profile, with a role, thus the visibility of the client on the user table.  If you mark it trusted, then all traffic is allowed, no identification/authentication necessary.   

 

Your assessment of your workstation on port 1 is correct, thus the :0/1


However, I am not sure what 255/9 is.   I just tried it on a RAP-3 and it shows up as 192.168.3.230:0/2.   Not sure where you are getting the 255/9 from.

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

MVP
Posts: 2,954
Registered: ‎10-25-2011

Re: Wired clients on APS(rap3, rap 109 etc) user table

[ Edited ]

Thanks for the easy explanation Clembo!

Im getting that info from the user table... look by yourselft

 

usertable.PNG

The second one which give me that number is an Alcatel Ip Phone

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
MVP
Posts: 2,954
Registered: ‎10-25-2011

Re: Wired clients on APS(rap3, rap 109 etc) user table

[ Edited ]

If i put it on tunnel mode untrusted it show it correctly

 

lookusertable2.PNG

 

But now i put it again on split tunnel i see that crazy number again

 

usertable3.PNG

 

 

Looks like a bug or something like it or what do you thin Chris?

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Aruba
Posts: 1,643
Registered: ‎04-13-2009

Re: Wired clients on APS(rap3, rap 109 etc) user table

not sure; mine was in split-tunnel and showed properly; code is 6.2.0.2 on this controller.

 

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Contributor II
Posts: 54
Registered: ‎04-03-2011

Re: Wired clients on APS(rap3, rap 109 etc) user table

Hijacking the thread, will the local split tunneling work with the trusted option checked? Let's say I got a wired port for a local switch that I put in split tunneling and trusted and then I've got a printer on another wired port on my RAP5.

Guru Elite
Posts: 20,807
Registered: ‎03-29-2007

Re: Wired clients on APS(rap3, rap 109 etc) user table


Mewn wrote:

Hijacking the thread, will the local split tunneling work with the trusted option checked? Let's say I got a wired port for a local switch that I put in split tunneling and trusted and then I've got a printer on another wired port on my RAP5.


A split tunneled port MUST be untrusted, because we get the initial role from the AAA profile attached.  That initial role and the firewall policies defines what traffic is tunneled and what traffic is bridged.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: