No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fit AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
display access-user (All views)

display access-user (All views)

Function

The display access-user command displays information about online users (including access users and administrators).

NOTE:

Only branch APs support this command.

Format

display access-user [ domain domain-name | ip-address ip-address | access-slot slot-id | user-group user-group-name | username user-name ] [ detail ]

display access-user [ mac-address mac-address | service-scheme service-scheme-name | user-id user-id ]

display access-user statistics

display access-user ssid ssid-name

display access-user access-type admin [ ftp | ssh | telnet | terminal | web ] [ username user-name ]

Parameters

Parameter

Description

Value

domain domain-name

Displays information about users in a specified domain.

The domain name must already exist.

ip-address ip-address

Displays information about the user with a specified IP address.

NOTE:

When the user type is NAC, details about the user are displayed. When the user is in another type, brief information about the user is displayed.

The value of ip-address is in dotted decimal notation.

mac-address mac-address

Displays information about the user with a specified MAC address.

The value is in H-H-H format. An H contains four hexadecimal digits.

service-scheme service-scheme-name

Displays information about the user with a specified service scheme.

The service scheme must already exist.

access-slot slot-id

Displays information about users connecting to a specified LPU.

The value range depends on the model of the device.

ssid ssid-name

Specifies the SSID name.

The SSID must already exist.

NOTE:

If the first character of the SSID name is empty, the entered SSID name must start with a quotation mark (") and end with a quotation mark ("), for example, " hello". The quotation marks at the beginning and end of the SSID name occupy two characters. If the first character of the SSID name is a quotation mark, enter the escape character (\) before the quotation mark, for example, \"hello. The escape character occupies one character.

username user-name

Displays information about the user with a user name.

The user name must already exist.

statistics

Displays WLAN user statistics on the device.

-

user-group user-group-name

Displays information about users in a specified user group.

The value is a string of 1 to 64 case-sensitive characters. It cannot contain spaces or the following symbols: / \ : * ? " < > | @ ' %. The value cannot be - or --.

user-id user-id

Displays information about sessions of a specified user. If this parameter is specified, detailed information about the user is displayed.

The user-id must exist on the device.

detail

Displays detailed information about users.

-

access-type

Displays information about the users using the specified authentication mode.

-

admin [ ftp | ssh | telnet | terminal | web ]

Displays information about the administrators using the specified authentication mode.

  • ftp: FTP user
  • ssh: SSH user
  • telnet: Telnet user
  • terminal: Terminal user
  • web: Web user

-

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

This command displays information about user sessions on the device.

Precautions

If the character string of the user name contains spaces (for example, a b), you can run the display access-user username "a b" command to view online users.

If the character string of the user name contains spaces and quotation marks ("") simultaneously, you cannot use the user name to view online users. In this case, you can run the display access-user | include username command to view the user ID of the online user, and then run the display access-user user-id user-id command to view the user. Alternatively, you can run the cut access-user user-id user-id command to force the user to go offline.

If user-id is specified, detailed information about the specified user is displayed. If user-id is not specified, brief information about all online users is displayed, including the user ID, user name, IP address, and MAC address of each user.

The value of username contains letters, digits, and special characters. It supports English, Chinese, and Russian. The coding format used by the Telnet terminal must be the same as the coding format used by the user name input device. Otherwise, the user name in the language other than English may not be normally displayed.

When the value of username contains special characters or characters in other languages except English, the device displays dots (.) for these characters. If there are more than three such consecutive characters, three dots (.) are displayed. Here, the special characters are the ASCII codes smaller than 32 (space) or larger than 126 (~).

When the value of username is longer than 20 characters, the device displays up to three dots (.) for the characters following 19; that is, only 22 characters are displayed.

When querying user information based on interfaces, MAC addresses, or VLANs, the device only displays information about 802.1X, MAC address, or Portal authentication users.

Example

# Display the user with the user ID being 32785.

<Huawei> display access-user user-id 32785
Basic:                                                                                                                              
  User ID                         : 32785                                                                                           
  User name                       : ljhvip                                                                                          
  User MAC                        : 9c2e-a1f8-be57                                                                                  
  User IP address                 : 192.168.75.131                                                                                  
  User vpn-instance               : -                                                                                               
  User IPv6 address               : -                                                                                               
  User access Interface           : Wlan-Dbss17497                                                                                  
  User vlan event                 : Success                                                                                         
  QinQVlan/UserVlan               : 0/75                                                                                            
  User vlan source                : user request                                                                                    
  User access time                : 2018/09/30 14:30:01                                                                             
  User accounting session ID      : local-a000000000000758a****0200011                                                              
  User accounting mult session ID : 5C1A6F8BDBC09C2EA1F8BE575BB0D****25996EF                                                        
  User access type                : WEB                                                                                             
  AP name                         : 5c1a-6f8b-dbc0                                                                                  
  Radio ID                        : 1                                                                                               
  AP MAC                          : 5c1a-6f8b-dbc0                                                                                  
  SSID                            : test-309831                                                                                     
  Online time                     : 103(s)                                                                                          
  Web-server IP address           : 192.168.0.221                                                                                   
  Dynamic group name(Effective)   : vip                                                                                             
                                                                                                                                    
AAA:                                                                                                                                
  User authentication type        : WEB authentication                                                                              
  Current authentication method   : RADIUS                                                                                          
  Current authorization method    : -                                                                                               
  Current accounting method       : RADIUS   

# Display WLAN user statistics on the device.

<Huawei> display access-user statistics
Historical wireless user statistics:                                                                                                
  Access total number          : 0                                                                                                  
  Access failed number         : 0                                                                                                  
  Access success number        : 0                                                                                                  
  Abnormal offline number      : 0                                                                                                  
Current online user statistics:                                                                                                     
  Total access number             : 0                                                                                               
  MAC access number               : 0                                                                                               
  802.1x access number            : 0                                                                                               
  Web access number               : 0                                                                                               
  Static access number            : 0                                                                                               
  PPPoE access number             : 0                                                                                               
  Unauthenticated access number   : 
Table 13-5  Description of the display access-user command output

Item

Description

Basic

Basic information about a user.

User ID

ID of a user.

User name

Name of a user.

Domain-name

Name of the domain that a user belongs to.

User MAC

MAC address of a user.

User IP address

IP address of a user.

User IPv6 address

IPv6 address of a user.

Status

Whether a user joins a VLAN.

  • Open: no authentication
  • Success: authentication is successful
  • Pre-authen: pre-authentication
  • Client-no-resp: the client does not respond
  • Fail-authorized: authorization upon authentication failure
  • Web-server-down: web server is Down

User vlan event

Whether a user joins a VLAN.

User access time

Time when a user goes online.

User accounting session ID

ID of the accounting session for a user.

Option82 information

Option 82 of a user.

User access type

Access type of a user.

User Privilege

Level of a user.

Terminal Device Type

Terminal device type of a user.

User inbound CAR CIR

Upstream CIR dynamically delivered by the RADIUS server to online user.

User inbound CAR PIR

Upstream PIR dynamically delivered by the RADIUS server to online user.

User inbound CAR CBS

Upstream CBS dynamically delivered by the RADIUS server to online user.

User inbound CAR PBS

Upstream PBS dynamically delivered by the RADIUS server to online user.

User inbound data flow(Packet)

Number of incoming packets of a user.

User inbound data flow(Byte)

Number of bytes in incoming packets of a user.

User outbound CAR CIR

Downstream CIR dynamically delivered by the RADIUS server to online user.

User outbound CAR PIR

Downstream PIR dynamically delivered by the RADIUS server to online user.

User outbound CAR CBS

Downstream CBS dynamically delivered by the RADIUS server to online user.

User outbound CAR PBS

Downstream PBS dynamically delivered by the RADIUS server to online user.

User outbound data flow(Packet)

Number of outgoing packets of a user.

User outbound data flow(Byte)

Number of bytes in outgoing packets of a user.

Push URL flag

Redirection flag. It is controlled by the HW-URL-Flag attribute carried in the packets sent by the RADIUS server.
  • Enable: After this attribute is delivered, the URL address is pushed when you visit the website for the first time.
  • DenyPush: The URL address is pushed for the forbidden websites.

Push URL content

Pushed URL. It is controlled by the HW-Portal-URL attribute carried in the packets sent by the RADIUS server.

Dynamic ACL number(Effective)

ACL number:
  • Effective: The dynamic ACL has taken effect.
  • Ineffective: The dynamic ACL does not take effect. The possible causes are as follows: Dynamic RADIUS authorization fails; the ACL does not exist on the device; the wired user fails to obtain an IP address.
NOTE:

This field is displayed only when ACL is dynamically delivered by the RADIUS server.

AAA

AAA information about a user.

User authentication type

Authentication type of a user, which depends on the access type of the user.

Current authentication method

Authentication mode.

Current authorization method

Authorization mode.

Current accounting method

Accounting mode.

Historical wireless user statistics

Number of history users.

Access total number

Total access times users.

Access failed number

Number of times users fail to access.

Access success number

Number of times users successfully access.

Abnormal offline number

Number of times users go offline unexpectedly.

Current online user statistics

Number of online users.

Total access number

Total number of access users.

MAC access number

Number of online users passing MAC address authentication.

802.1x access number

Number of online users passing 802.1X authentication.

Web access number

Number of online users passing web authentication.

Static access number

Number of online static users.

PPPoE access number

Number of online PPPoE users.

Unauthenticated access number

Number of users failing authentication.

Web-server IP address IP address of the Portal server.
Dynamic group name(Effective)
Name of a dynamic security group:
  • Effective: The dynamic security group has taken effect.
  • Ineffective: The dynamic security group does not take effect.
Translation
Download
Updated: 2019-07-18

Document ID: EDOC1100064353

Views: 125611

Downloads: 98

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next