ARUBA - Port-Access
From Wiki.IT-Arts.net
Debug The client/server Failure Reason
ARUBA-SWITCH# show aaa authentication port-access mac-auth interface all client-status
Port Access Client Status Details
Client AB:CD:DE:FF:AA:BB, 1/1/1
=========================================
Authentication Details
----------------------
Status : Unauthenticated
Auth-Method : CHAP
Auth Failure reason : Server-Timeout
Time Since Last State Change : 200 secs
...
Show Port-Access Clients
ARUBA-SWITCH# show port-access clients
Port Access Clients
Status Codes: d device-mode, c client-mode, m multi-domain
-----------------------------------------------------------------------------------------------------------------
Port MAC-Address Onboarding Status Role Device Type
Method
-----------------------------------------------------------------------------------------------------------------
c 1/1/1 11:22:33:44:55:66 mac-auth Success ROLE-EXAMPLE
c 1/1/2 11:22:33:44:55:67 mac-auth Success ROLE-EXAMPLE
c 1/1/3 11:22:33:44:55:68 mac-auth Success ROLE-EXAMPLE
c 1/1/4 11:22:33:44:55:69 mac-auth Success ROLE-EXAMPLE
c 1/1/5 11:22:33:44:55:70 mac-auth Success ROLE-EXAMPLE
c 1/1/6 11:22:33:44:55:71 mac-auth Success ROLE-EXAMPLE
Show Port-Access Details
ARUBA-SWITCH# show port-access clients interface 1/1/1 detail
Port Access Client Status Details:
Client 11:22:33:44:55:66, 112233445566
======================================
Session Details
---------------
Port : 1/1/1
Session Time : 74454s
IPv4 Address :
IPv6 Address :
Device Type :
VLAN Details
------------
VLAN Group Name :
VLANs Assigned : 2251
Access : 2251
Native Untagged :
Allowed Trunk :
Authentication Details
----------------------
Status : mac-auth Authenticated
Auth Precedence : dot1x - Unauthenticated, mac-auth - Authenticated
Auth History : mac-auth - Authenticated, 74426s ago
dot1x - Unauthenticated, Supplicant-Timeout, 74426s ago
Authorization Details
----------------------
Role : ROLE-EXAMPLE
Status : Applied
Role Information:
Name : ROLE-EXAMPLE
Type : local
----------------------------------------------
Reauthentication Period :
Cached Reauthentication Period :
Authentication Mode :
Session Timeout :
Client Inactivity Timeout : 315360000 secs
Description : ROLE-EXAMPLE
Gateway Zone :
UBT Gateway Role :
UBT Gateway Clearpass Role :
Access VLAN : 2251
Native VLAN :
Allowed Trunk VLANs :
Access VLAN Name :
Native VLAN Name :
Allowed Trunk VLAN Names :
VLAN Group Name :
MTU :
QOS Trust Mode :
STP Administrative Edge Port :
PoE Priority :
PVLAN Port Type :
Captive Portal Profile :
Policy :
Device Type :
show port-access clients onboarding-method
GXP-SW-IDF2-02# show port-access clients onboarding-method mac-auth detail
Port Access Client Status Details:
Client 11:22:33:44:55:66, 112233445566
======================================
Session Details
---------------
Port : 1/1/1
Session Time : 84946s
IPv4 Address :
IPv6 Address :
Device Type :
VLAN Details
------------
VLAN Group Name :
VLANs Assigned : 2251
Access : 2251
Native Untagged :
Allowed Trunk :
Authentication Details
----------------------
Status : mac-auth Authenticated
Auth Precedence : dot1x - Unauthenticated, mac-auth - Authenticated
Auth History : mac-auth - Authenticated, 84918s ago
dot1x - Unauthenticated, Supplicant-Timeout, 84918s ago
Authorization Details
----------------------
Role : ROLE-EXAMPLE
Status : Applied
Role Information:
Name : ROLE-EXAMPLE
Type : local
----------------------------------------------
Reauthentication Period :
Cached Reauthentication Period :
Authentication Mode :
Session Timeout :
Client Inactivity Timeout : 315360000 secs
Description : ROLE-EXAMPLE
Gateway Zone :
UBT Gateway Role :
UBT Gateway Clearpass Role :
Access VLAN : 2251
Native VLAN :
Allowed Trunk VLANs :
Access VLAN Name :
Native VLAN Name :
Allowed Trunk VLAN Names :
VLAN Group Name :
MTU :
QOS Trust Mode :
STP Administrative Edge Port :
PoE Priority :
PVLAN Port Type :
Captive Portal Profile :
Policy :
Device Type :
Debug Command
ARUBA-SWITCH# debug portaccess macauth all mac MAC address to filter debug logs port PORT name to filter debug logs severity Minimum log severity to filter debug logs
