02-08-2018 07:55 AM
On Client Session Report there is a dash instead of the username next to the mac address. The client mac address appears as not authenticated to Guest wifi. Yet it is listed as TopTalker. So throughout the day it has been connected and authenticated to different SSID(s) at the premisses. Please advise if the following conclusions are accurate:
-- for the purpouse of this report - the controller does not keep track of the usernames associated to mac addresses;
-- the Client Session Report is (to an extent) a snapshot; it lists the last access point the controller saw the device connected to (within the timespan the report covers) (or is it the discovering AP?)
Solved! Go to Solution.
Re: AirWave Client session report - no username
02-08-2018 08:31 AM
Client session report proivde the complete association history of clients (to which AP/usage/connection mode/type etc) for the time period report is been scheulded.
Go to client >detail page in Airwave for more detials to see if it have username associated,if controller reporting username then airwave will upate that info in its database.
Airwave retain the client data dependend on historical retention setting configured in AMP Setup>General>Historical Retention setting.
If controller shows username when user is active but it is not updating in ariwave then need to enable debug logs in Airwave and need to see whether contorller sending name or not?
If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
03-12-2018 06:51 AM
So: some Guest-WiFi clients display even 5 GB usage over 24 hours without being authenticated; the concern was that they are somehow bypassing the captive portal or that for some reason the controller does not report the username. Mistery solved: clients remain always in the initial role; the apps installed on the mobile devices repeatedly attempt to communicate with the corresponding public IPs (for updates probably); in the initial role http traffic is dst-NAT-ed to the controller; so the controller intercepts and denies access. So the public IPs are always seen as destination and never as source in datapath table. The 5 GB of traffic is "legitimate" so to say. We'll be working on a solution on how to trimm it down.