WifiHax - Making Networks Excellent
  • Blog
  • Contact

NetSH for Eddie

12/5/2021

Comments

 
Windows Netsh Commands

To see the SSIDs near the client
netsh wlan show networks
netsh wlan show networks interface=<NIC>
netsh wlan show networks mode=bssid
netsh wlan show networks mode=bssid >> c:\testfolder\wirelessclientdata.txt
mode=bssid adds more details about each network

Find an SSID with specific text in the name:
netsh wlan show networks | find “Employee"
or
netsh wlan show networks | select-string <your-SSID-name>

Show WLAN profiles configured in windows
netsh wlan show profile

Wireless LAN Driver Properties
netsh wlan show driver
Comments

Troubleshoot: ArubaOS 8 - Useful CLI Commands

3/6/2020

Comments

 
ArubaOS (AOS) is the wireless LAN operating system for Aruba Instant Access Points and Wireless Gateways / Controllers. In AOS 8 you can use the following commands on a Mobility Controller (or a managed device, managed by a Mobility Master) to help troubleshoot various problems you may face with Access Points or Wi-Fi stations/clients.
These commands will need to be used directly on the controller (not the Mobility Master). You can jump to the controller by using the command mdc from within the Mobility Master (MM) CLI. First jump to the controller node-level with cd </md/node-hierarchy-path> so you are operating within the context of a particular managed node (controller/gateway/managed device). I prefer and recommend using this method over opening a direct SSH session to the single controller.

Take a look at the ap-debug statistics for a particular Access Points (AP). Look for Heartbeats, Interface counters, ARP cache Interface info, AP uptime, Ethernet Duplex/Speed, LMS info.
# show ap debug system-status ap ap-name <ap-name>
Check for high number of reboots or bootstraps (when the GRE keep-alive is missed). 
# show ap debug counters ap-name <ap-name>
It might be worth checking the AP system Profile for the “Bootstrap Threshold”. The current default is 8. If it is not specified in the config then its 8.
# show configuration effective | begin "ap system"
# show configuration effective | include “bootstrap-threshold”
​If your clients experiences issues there are commands to target statistics and logs specific to a station.
# show ap debug client-stats <client-mac-address>
​Look for tx/rx frames and data (if its incrementing then that’s positive), dropped frames, success vs retry.
# show user mac <client-mac-address>
# show auth-tracebuf mac <client-mac-address>
# show datapath session table <client-IP-address>
​Within the AP you can look at radio stats also. ​Look for radio resets, tx power changes, channel changes, noise floor, data drops and CRC errors increasing…
# show ap debug radio-stats ap-name <ap-name> radio 0 advanced
# show ap debug radio-stats ap-name <ap-name> radio 1 advanced
​ARM history for the AP:
# show ap arm rf-summary ap-name <ap-name>
​Show clients associated to a particular AP:
# show ap association ap-name <ap-name>
Comments

Troubleshoot: ArubaOS-Switch DUR

2/6/2020

Comments

 
​Aruba Downloadable User Roles (DUR) uses HTTPS. When the DUR is being issued by Aruba ClearPass the switch must trust the HTTPS certificate that the ClearPass server uses. The Certificate Authority intermediate certificate must be loaded into the switch as a trusted authority certificate. The public HTTPS certificate is automatically downloaded to the switch when a radius-server host, with type ClearPass, is configured on the switch (e.g. radius-server host <ip-address> clearpass).

To enable useful debugging certificate issues the following commands will work on an ArubaOS Switch.
# debug destination session
# debug security ssl
# debug security crypto
# debug event
If the switch detects any issues with the HTTPS process during a radius request which results in a DUR a debug message should be logged to the session window. During the SSL session there may be a lot of messages (it is noisy). Use 'no debug security ssl' to disable those messages.

When DUR works successfully the issued User Role will be specified in the Port Access Client Status output. To see information about the user-roles available and issued use the following show commands.
# show port-access client
# show user-role
# show user-role downloaded
# show user-role downloaded detailed
Comments

    WifiHax

    We build and optimise networks. Continuous learning is our secret to being good. Along the learning journey we will share things here...

    Archives

    May 2021
    June 2020
    December 2019
    September 2019
    August 2019
    July 2019
    April 2019
    November 2018
    October 2018
    September 2018
    January 2018
    October 2017
    September 2017
    August 2017
    June 2017
    April 2017
    February 2017
    November 2016
    September 2016
    August 2016
    May 2016
    March 2016
    January 2016
    November 2015
    October 2015

    Categories

    All
    802.1X
    ACMA
    AirDrop
    API
    Apple
    ARPANSA
    Aruba
    Audit
    Bluetooth
    Capture
    CECV
    ClearPass
    Client
    Conference
    Design
    DNS
    Ekahau
    Exploit
    Frequency
    Health
    IEEE
    Internet
    IoT
    LiFi
    Packets
    Python
    Scripting
    Security
    Spectrum
    Survey
    Switch
    Tools
    Troubleshoot
    VIC
    Vulnerability
    WiFi
    Wireshark
    Zero Day

    RSS Feed

 
​Contact



© COPYRIGHT 2019. ALL RIGHTS RESERVED.

+61 3 9005 2219
proberequest@wifihax.com
  • Blog
  • Contact