You are here: Home > CLI Commands > Just_CLI_Topics > show ipv4 user-table

show ipv4 user-table

show ipv4 user-table

ap-group <ap-group>

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

ap-name <ap-name>

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

authentication-method {dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web}

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

bssid <A:B:C:D:E:F>

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

debug

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

essid <STRING>

ip

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

internal

rows <start-row> <no-of-rows>

ip <addr> [log]

mac <A:B:C:D:E:F>

mobile

bindings [<start-row> <no-of-rows>|unique [rows <start-row> <no-of-rows>]]

rows <start-row> <no-of-rows>

unique

bindings [<start-row> <no-of-rows>|unique [rows <start-row> <no-of-rows>]]

rows <start-row> <no-of-rows>

visitors [rows <start-row> <no-of-rows>]

visitors [<start-row> <no-of-rows>|unique [rows <start-row> <no-of-rows>]]

name <STRING> [unique]

phy-type {[a]|[b]}

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

role <STRING>

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

rows <start-row> <no-of-rows>

station

verbose

rows <start-row> <no-of-rows>

unique [rows <start-row> <no-of-rows>]

Description

This command displays the IPv4 user table entries. You can filter the output based on various parameters described in the following table.

Syntax

Parameter

Description

ap-group <ap-group>

Filter the output of this command by showing users connected to APs that belong to the specified AP group.

ap-name <ap-name>

Filter the output of this command by showing users connected to an AP with the specified AP name.

authentication-method

Filter the output of this command by the authentication method used for the device:

dot1x

Filer the output of this command by showing data for devices using the 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication.

mac

Filer the output of this command by showing data for devices using the MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication.

opensystem

Filer the output of this command by showing data for devices using the open (no) authentication.

psk

Filer the output of this command by showing data for devices that do not use authentication but use a PSKPre-shared key. A unique shared secret that was previously shared between two parties by using a secure channel. This is used with WPA security, which requires the owner of a network to provide a passphrase to users for network access. for encryption.

stateful-dot1x

Filer the output of this command by showing data for devices using stateful 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication.

via-vpn

Filer the output of this command by showing data for devices that authenticate using VIA.

vpn

Filer the output of this command by showing data for devices using VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. authentication.

web

Filer the output of this command by showing data for devices using the Captive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication.

bssid

Filer the output of this command by showing users connected to the specified BSSIDBasic Service Set Identifier. The BSSID identifies a particular BSS within an area. In infrastructure BSS networks, the BSSID is the MAC address of the AP. In independent BSS or ad hoc networks, the BSSID is generated randomly..

debug

Filer the output of this command by showing entries in the IPv4 user-table that are in debug mode.

essid

Filer the output of this command by showing entries in the IPv4 user table that are associated to the specified ESSIDExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set.. If the ESSIDExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. includes spaces, you must enclose it in quotation marks.

internal

Filer the output of this command by showing internal IPv4 users.

ip <A.B.C.D>

Filer the output of this command by showing IPv4 users that match the specified IPv4 address.

log

Filer the output of this command by showing the log information for the specified IPv4 client.

mac

Filer the output of this command by showing users with the specified MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address.

mobile

Filer the output of this command by showing a list of mobile users in the IPv4 user table. The following filters are available for this parameter:

bindings—List of users that have moved away from the current managed device.

rows—Displays entries that match the specified row number.

unique—Displays unique entries in the IPv6 user-table.

visitors—Displays users that have associated with the current managed device.

name

Filer the output of this command by showing IPv4 user table entries that match the specified name.

phy-type

Filer the output of this command by showing IPv4 user table entries that match a or b phy-type.

role

Filer the output of this command by showing IPv4 user table entries that match the specified role.

rows

Filer the output of this command by showing specific rows in the IPv4 user table. Enter the starting row number and the number of rows to be displayed.

station

Filer the output of this command by showing the station table information for the IPv4 user table entries.

verbose

Filer the output of this command by showing the complete IPv4 user table with all details.

Usage Guidelines

This command should be executed from the managed device only where the APs and client terminate.

Example

The following example displays a list of internal IPv4 user entries:

(host-md) #show ipv4 user-table

 

IP MAC Name Role Age(d:h:m) Auth

---------- ------------ ------ ---- ---------- ----

192.168.201.234 00:10:18:a9:38:e1 uccsol10 ucc-dot1x-voice 00:22:14 802.1X

192.168.201.230 5c:c5:d4:7d:c0:80 uccsol23 ucc-dot1x-voice 00:02:59 802.1X

192.168.201.252 48:51:b7:19:40:88 uccsol19 ucc-dot1x-voice 00:22:14 802.1X

192.168.201.241 5c:c5:d4:7d:c2:b5 uccsol24 ucc-dot1x-voice 00:02:59 802.1X

192.168.201.233 5c:c5:d4:7d:c0:b7 uccsol22 ucc-dot1x-voice 00:02:29 802.1X

 

VPN link AP name Roaming Essid/Bssid/Phy Profile Forward mode

-------- ------- ------- --------------- ------- ------------

115-1 Wireless UCC-DOT1X/ac:a3:1e:27:e4:b1/a-HT UCC-DOT1X dtunnel

325-1 Wireless UCC-DOT1X/ac:a3:1e:57:6d:90/a-VHT UCC-DOT1X dtunnel

325-1 Wireless UCC-DOT1X/ac:a3:1e:57:6d:90/a-VHT UCC-DOT1X dtunnel

325-1 Wireless UCC-DOT1X/ac:a3:1e:57:6d:90/a-VHT UCC-DOT1X dtunnel

325-1 Wireless UCC-DOT1X/ac:a3:1e:57:6d:90/a-VHT UCC-DOT1X dtunnel

 

Type Host Name

---- ---------

 

 

 

User Entries: 5/5

The output of this command includes the following parameters:

Parameter

Description

IP

IP address of the client in that row that authenticating using 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication.

MAC

MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address of the client.

Name

Name of the client.

Role

The role assigned to the client.

Age (d:h:m)

Total time that client is connected to managed device.

Auth

Authentication type of the client.

VPN link

Clients using VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. authentication.

AP name

Name of the AP associated with the client.

Roaming

Current roaming status of the client.

Essid/Bssid/Phy

ESSIDExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set., BSSIDBasic Service Set Identifier. The BSSID identifies a particular BSS within an area. In infrastructure BSS networks, the BSSID is the MAC address of the AP. In independent BSS or ad hoc networks, the BSSID is generated randomly., and Phy to which the client is associated.

Profile

The AAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile to which the client is associated.

Forward Mode

The client traffic forwarding mode.

Related Commands

Command

Description

show user-table

Displays detailed information about the controller’s connection to a user device, in regards to mobility state and statistics, authentication statistics, VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. assignment method, AP datapath tunnel info, radius accounting statistics, user name, user-role derivation method, datapath session flow entries, and 802.11802.11 is an evolving family of specifications for wireless LANs developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). 802.11 standards use the Ethernet protocol and Carrier Sense Multiple Access with collision avoidance (CSMA/CA) for path sharing. association state and statistics.

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system.

Enable mode on Managed Device.

/*]]>*/