Basic Policy Tab
(End User Sessions View)
The Basic Policy Tab (End User Sessions view) displays port end user sessions. To access the tab, select one or more devices or device groups in the left-panel tree, and click the Basic Policy tab in the right panel. Select the End User Sessions option at the top of the tab to display information about each login session for the ports on the selected devices, including the current values being collected for a session still in progress, or the final values for the last valid session when there is no session currently active. For devices that support one authenticated user per port, only one user/current role per port will show up in the table. For devices that support multiple authenticated users per port (such as the RoamAbout R2 and the Matrix N-Series Platinum devices), all users authenticated on its ports will be listed in the table, along with the roles under which they are authenticated.
The Results Filter right-click menu option lets you select the result categories that appear in the table (802.1x, MAC, Web-based, etc.). When the Active Sessions checkbox is checked in the Results filter, only your active sessions are displayed.
IMPORTANT: The Basic Policy tab is not automatically updated. Instead, the tab must be refreshed using the
(Retrieve button) to update the table information each time you access this tab. The first time you access the
Basic Policy tab, the table is blank making it necessary to click retrieve to display port information. If you leave the
Basic Policy tab and then return, the content of the table will not have changed, even though conditions on device ports may have changed. You must again retrieve the information.
Use the table options and tools to find,
filter, sort, print, and export information in the table and customize table settings. You can access the Table
Tools through a right-mouse click on a column heading or anywhere in the table
body, or by clicking the Table Tools
button in the
upper left corner of the table (if you have the row count column displayed). For more information, see the
Table Tools Help topic.
Click areas in the window for more information.
- Results Filter
- The Results Filter is accessed through a right-mouse click on a column
heading or anywhere in the table body. It lets you select the result
categories that appear in the table:
- 802.1x - Show 802.1X authentication sessions
- MAC -Show MAC authentication sessions
- Web-Based - Show Web-Based (PWA) authentication sessions
- CEP - Show CEP authentication sessions
- Active Sessions - Show only active sessions
- Row Count - Show the row count column in the left-most column of the table
- VLAN - Display the following four columns in the table:
- Statistics - Display table columns that show received/transmitted bytes and received/transmitted frames during each session.
- Display Name
-
- Slot
- The range of ports in some devices span multiple slots. For these devices, this column shows the board location (slot) within the chassis where the port is located.
- State
- The end user's authentication status: a blue circle indicates an authenticated end user, a gray circle indicates an unauthenticated end user.
- Policy PVID Override Status
- Indicates whether default access control (a default VLAN) has been enabled for the current role. Default access control allows you to permit traffic to be forwarded, deny traffic altogether, or contain traffic to a VLAN. The default VLAN overrides the 802.1Q PVID for the port. You must have the VLAN checkbox selected in the Results Filter to see this column.
- Policy PVID Override
- If default access control (a default VLAN) has been enabled for the current role and configured to contain traffic to a VLAN, this column displays the associated VLAN ID. The VLAN will be applied to all untagged frames arriving on the port that do not match any VLAN traffic classification rules, and overrides the 802.1Q PVID for the port. A value of 0 indicates that the default access control is configured to drop all frames that do not match a classification rule (Deny Traffic). A value of 4095 indicates that the default access control is configured to forward any frames that do not match a classification rule (Permit) using the 802.1Q PVID. You must have the VLAN checkbox selected in the Results Filter to see this column.
- VLAN ID
- If the user authenticated via RFC 3580 VLAN Authorization, this is the VLAN ID that was returned from the RADIUS server. A VLAN ID value of 0 indicates that no VLAN was assigned. If VLAN authentication is not supported on the device, this column will display "N/A." You must have the VLAN checkbox selected in the Results Filter to see this column.
- VLAN Oper Egress
- The modification that will be made to the VLAN egress list for the VLAN
ID returned by the RADIUS server, if the user authenticated via
RFC 3580 VLAN Authorization.
- None - No modification to the VLAN egress list will be made.
- Tagged - The port will be added to the list with the egress state set to Tagged (frames will be forwarded as tagged).
- Untagged - The port will be added to the list with the egress state set to Untagged (frames will be forwarded as untagged).
- Dynamic - The port will use information returned in the RADIUS response to modify the VLAN egress list.
- MAC Address
- The MAC address of the remote user of this login session.
- Authentication Status
- On Matrix N-Series Platinum devices, the authentication status of the login session. All other
devices will display "N/A." Possible values are:
- Authentication Successful
- Authentication Failed
- Authentication in Progress
- Authentication Server Timeout
- Authentication Terminated
- Terminate Cause
- The reason the login session terminated. For web-based authentication,
the possible values are:
- Administratively Terminated
- Authorization Revoked
- Link Down
- Not Applicable
- Port Disabled
- Unknown Termination Cause
- User Logged Out
- Authorization Revoked
- Client Restarted
- Link Down (or Lost Carrier)
- Not Applicable
- Port Disabled
- Port Reinitialized
- Reauthentication Failed
- Unknown Termination Cause
- User Logged Out
- User Name
- The user name provided by the end user at login (authentication).
- Received Bytes
- The number of bytes received in user data frames on this port during this session. You must have the Statistics checkbox selected in the Results Filter to see this column.
- Transmitted Bytes
- The number of bytes transmitted in user data frames on this port during this session. You must have the Statistics checkbox selected in the Results Filter to see this column.
- Received Frames
- The number of user data frames received on this port during this session. You must have the Statistics checkbox selected in the Results Filter to see this column.
- Transmitted Frames
- The number of user data frames transmitted on this port during this session. You must have the Statistics checkbox selected in the Results Filter to see this column.
- Start Time
- The time and date when the login session started.
- Duration
- The duration of the login session, in the format
D + HH:MM:SS.
-
(Retrieve)
- Contacts the selected devices or device groups to update the table information. While retrieving information, the button changes to a red octagon.
For information on related windows:
