Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

what are user-how and vlan-how parameter in the output "show user mac  

Jun 26, 2014 08:46 AM

What does user-how and vlan-how values in "show user mac <mac-addr> and show user ip <ip-addr> command points to.

 

This article applies to all aruba controller and OS versions

 

The output of the show user mac <mac-addr> and show user ip <ip-addr> commands include the following information.


(host) (config) show user mac 08-00-27-00-5C-15

Name: host/server.example.org, IP: 10.16.10.70, MAC: 08-00-27-00-5C-15, Role:visd_logon, ACL:67/0, Age: 00:00:09

Authentication: Yes, status: successful, method: 8021x-Machine, protocol: EAP-PEAP, server: Authserv1

Bandwidth = No Limit

Bandwidth = No Limit

Role Derivation: default for authentication type 8021x-Machine

VLAN Derivation: Matched user rule

Idle timeouts: 0, ICMP requests sent: 0, replies received: 0, Valid ARP: 0

Mobility state: Wireless, HA: Yes, Proxy ARP: No, Roaming: No Tunnel ID: 0 L3 Mob: 0

Flags: internal=0, trusted_ap=0, l3auth=0, mba=0

Flags: innerip=0, outerip=0, guest=0, download=1, nodatapath=0, wispr=0

Auth fails: 0, phy_type: a-HT, reauth: 0, BW Contract: up:0 down:0, user-how: 1

Vlan default: 117, Assigned: 116, Current: 116 vlan-how: 1

The role-how and vlan-how parameters in the output of this command display a code that corresponds to the following values:
 

Role Derivation Code Description
0 Default logon role
1 Default user role for authentication type
2 Role derived from server rules
3 Role derived from user rules
4 Predefined Guest role
5 Role inherited from station
6 Forced fole
7 Role derived from Aruba vendor-specific attribute (VSA)
8 RFC 3576 (Change of Authorization) role
9 Role derived from external captive portal
10 Default role from AAA profile
11 Role assigned by an Extended Service Interface (ESI) server group



VLAN Derivation Code Description
1 VLAN derived from user rule
2 VLAN derived from user role
3 VLAN derived from server rule
4 VLAN derived from Aruba vendor-specific attribute (VSA)
5 VLAN derived from Microsoft Tunnel attributes (Tunnel-Type, Tunnel Medium Type, and Tunnel Private Group ID)
6 VLAN assigned from derived role

 

Statistics
0 Favorited
2 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.