To view client state, use the following command:
Device# show flexconnect client
To view all ACLs applied to a specific client, use the following command:
Device# show client access-list {post-auth | pre-auth} all client_mac_address
Device# show client access-list post-auth all 1C:36:BB:10:1B:2C
Post-Auth URL ACLs for Client: 1C:36:BB:10:1B:2C IPv4 ACL: xwf
Fbs
IPv6 ACL:
ACTION URL-LIST
allow cisco.com
allow yahoo.com
allow google.com
allow xwf.facebook.com
allow xwf-static.xx.fbcdn.net allow cisco-us.expresswifi.com allow xwf-scontent.xx.fbcdn.net allow xwfcisco-us.expresswifi.com
Resolved IPs for Client: 1C:36:BB:10:1B:2C HIT-COUNT URL ACTION IP-LIST
xwf
rule 0:
rule 1:
rule 2:
rule 3:
rule 4:
rule 5:
rule 6:
allow true and ip proto 6 and dst port 22
allow true and ip proto 6 and src port 22
allow true and dst 171.70.168.183 mask 255.255.255.255 allow true and src 171.70.168.183 mask 255.255.255.255 allow true and dst 157.240.22.50 mask 255.255.255.255 allow true and src 157.240.22.50 mask 255.255.255.255 allow true and src 30.1.1.155 mask 255.255.255.255 and dst
30.1.1.18 mask 255.255.255.255 and ip proto 1
rule 7: allow true and src 30.1.1.18 mask 255.255.255.255 and dst
30.1.1.155 mask 255.255.255.255 and ip proto 1 rule 8: allow true and ip proto 17 rule 9: allow true and ip proto 17 rule 10: deny all
fbs
rule 0: allow true and dst 31.13.0.0 mask 255.255.0.0
rule 1: allow true and dst 66.220.0.0 mask 255.255.0.0
rule 6: allow true and src 31.13.0.0 mask 255.255.0.0
rule 10: allow true and src 179.60.0.0 mask 255.255.0.0
rule 12: allow true and dst 171.70.168.183 mask 255.255.255.255 rule 14: allow true and ip proto 17
rule 16: deny all
No IPv6 ACL found
Device# show client access-list pre-auth all 1C:36:BB:10:1B:2C
Pre-Auth URL ACLs for Client: 1C:36:BB:10:1B:2C
IPv4 ACL: xwf
IPv6 ACL:
ACTION URL-LIST
allow cisco.com
allow yahoo.com
allow google.com
allow xwf.facebook.com
allow xwf-static.xx.fbcdn.net allow cisco-us.expresswifi.com allow xwf-scontent.xx.fbcdn.net allow xwfcisco-us.expresswifi.com
Resolved IPs for Client: 1C:36:BB:10:1B:2C HIT-COUNT URL ACTION IP-LIST
xwf
rule 0: allow true and ip proto 6 and dst port 22
rule 1: allow true and ip proto 6 and src port 22
rule 2: allow true and dst 171.70.168.183 mask 255.255.255.255 rule 3: allow true and src 171.70.168.183 mask 255.255.255.255 rule 4: allow true and dst 157.240.22.50 mask 255.255.255.255 rule 5: allow true and src 157.240.22.50 mask 255.255.255.255 rule 6: allow true and src 30.1.1.155 mask 255.255.255.255 and dst
30.1.1.18 mask 255.255.255.255 and ip proto 1
rule 7: allow true and src 30.1.1.18 mask 255.255.255.255 and dst
30.1.1.155 mask 255.255.255.255 and ip proto 1 rule 8: allow true and ip proto 17 rule 9: allow true and ip proto 17 rule 10: deny all
No IPv6 ACL found
Redirect URL for client: 1C:36:BB:10:1B:2C
https://xwfcisco-us.expresswifi.com/customer/captive_portal
To view authentication server details applied to a specific client, use the following command where the wlan_id ranges from 1 to 15:
Device# show running-config authentication dot11radio {0 | 1} wlan
wlan_id
Device# show running-config authentication dot11radio 1 wlan 1
bssid=00:a7:42:f6:4a:8e ssid=aa_namsoo_webauth beacon_period=100
auth=LOCAL AP_OPER_MODE=CONNECTED AP_OPER_MODE from WPA=CONNECTED
AUTH_SERVER[0]=30.1.1.18 AUTH_SERVER_PORT[0]=2812 ACCT_SERVER[0]=30.1.1.18
ACCT_SERVER_PORT[0]=2813 AUTH_SERVER[0]=30.1.1.18 AUTH_SERVER_PORT[0]=2812 ACCT_SERVER[0]=30.1.1.18 ACCT_SERVER_PORT[0]=2813
To view client accounting details, use the following command:
Device# show controller dot11Radio
{0|1}
client
client_mac_address
Device# show client access-list pre-auth redirect-url 1C:36:BB:10:1B:2C
Redirect URL for client: 1C:36:BB:10:1B:2C
https://xwfcisco-us.expresswifi.com/customer/captive_portal
To view DCDS (distributed client datastore) or roaming configuration details for an associated client, use the following command:
Device# show dot11 clients data-store details
client_mac_address
Device# show dot11 clients data-store details 1C:36:BB:10:1B:2C
First AP Name: APF8B7.E2CC.5D48
Current AP Name: APF8B7.E2CC.5D48
Current AP IP: 30.1.1.169
Current AP BSSID: f8:b7:e2:cd:cb:8e
Current AP SSID: aa_namsoo_webauth
Client VLAN: 1
Client State: 4
Audit Session ID: 3204365612
Accounting Session ID High: 0
Accounting Session ID Low: 0
Client Traffic Class Name: xwf
Client Traffic Class Name: fbs