Using the MR Live Tools - LAN Tab
MR access points (APs) have the ability to monitor client network traffic, to help identify and narrow down potential network problems. When configuring access points (APs) to use VLAN tagging or RADIUS servers, additional status fields will become visible on the AP details page. These status fields can be used to help identify potential problems relating to RADIUS authentication or a particular VLAN.
From the Monitor > Access points page, click on an AP to investigate. Then look under the Status section for RADIUS status and VLAN status sub-sections, and click Show for more info.
Note: Status sections will only appear if that function has been configured and enabled.
RADIUS Status
A table will be listed that includes the SSID, a RADIUS server for that SSID, and the Status of recent authentication attempts on that SSID. The status will be marked as "Problem" if more than 2 requests do not receive responses. Click Show for an SSID to see details of the last 5 messages.
Req. ID | An identification number for the authentication request. |
Client MAC | The MAC address of the client being authenticated. |
Server IP | The IP address of the RADIUS server. |
Req. type | The AP's request type; generally an "Access Request". |
Resp. type | The server's response type, such as "Access Challenge" or "Access Accept". |
RTT (ms) | How many milliseconds it took for the server response to be received. This will be empty if no response was received. |
Ago (s) | How many seconds ago this occurred. |
Troubleshooting
If RADIUS is indicated as experiencing a "Problem," it is recommended to investigate the specific requests that are not receiving responses. If no RADIUS requests are receiving responses, there is likely an issue communicating between the access point and the RADIUS server. Ensure that the RADIUS server is online and receiving requests, and that it has been configured correctly.
VLAN Status
A table will be listed that includes the VLAN number, and the Status of several recent message types on that VLAN. The status will be marked as "Problem" if more than 2 DHCP or DNS messages do not receive a response, or if more than 3 ARP messages do not receive a response. Click Show for a VLAN to see details of the last 5 messages of each type.
ARP
SSID | The SSID the client originating this message is associated to. |
Source IP | The IP address of the client originating this message. |
Source MAC | The MAC address of the client originating this message. |
Dest. IP | The IP address that is being ARP'd for. |
Dest. MAC | The MAC address of the client that has the Dest. IP. This will be empty if no response was received. |
RTT (ms) | How many milliseconds it took for the destination client response to be received. This will be empty if no response was received. |
Ago (s) | How many seconds ago this occurred. |
DNS
Req. ID | An identification number for the message exchange. |
SSID | The SSID the client originating this message is associated to. |
Client IP | The IP address of the client that originated this DNS message. |
Server IP | The IP address of the server the DNS message was sent to. |
Opcode | The DNS operation code. |
Rcode | The DNS response code. |
RTT (ms) | How many milliseconds it took for the server response to be received. This will be empty if no response was received. |
Ago (s) | How many seconds ago this occurred. |
DHCP
Req. ID | An identification number for the message exchange. |
SSID | The SSID the client originating this message is associated to. |
Client MAC | The MAC address of the client originating this message. |
Server IP | The IP address of the server the message was sent to or a response was received from. |
Req. type | The client's request type. |
Req. IP | The requested IP address (if any). |
Resp. type | The server's response type. |
Resp. IP | The IP address offered by the server to the requesting client. |
RTT (ms) | How many milliseconds it took for the server response to be received. This will be empty if no response was received. |
Ago (s) | How many seconds ago this occurred. |
Troubleshooting
If the VLAN status is shown as having a "Problem," this indicates that clients on this AP may be having issues resolving common network services:
- ARP
If ARP requests are being sent without receiving a response, this typically indicates that clients are attempting to contact an IP address that is either not available on the network, or otherwise unable to respond to ARP.
Note: Depending on the client behavior, certain devices may be more likely to send ARP requests for unreachable IPs. As such, a "Problem" with ARP may not indicate an actionable network issue. - DNS
If DNS queries are being sent without receiving a response, ensure that the DNS server listed under Server IP is available and configured to respond to queries. If the DNS server is external to the network, check that the client's VLAN has Internet connectivity and is being routed appropriately. - DHCP
Since this status will track both DHCP Discover and DHCP Request messages, it is important to note which type of traffic is not receiving a response.
- If clients are sending DHCP Discover messages without receiving a response, ensure that there is an online DHCP server or relay within the VLAN.
- If clients are sending DHCP Request messages, check the DHCP server's configuration and see if there is a reservation in place for that particular client. Additionally, make sure there are available addresses within the DHCP server's scope.
Determining the DHCP Transaction ID From the DHCP Req ID
The provided DHCP Req ID is for tracking in dashboard but cannot be used while trying to track DHCP information inside of Wireshark. In order to determine the corresponding DHCP transaction ID, follow these steps.
- Copy the DHCP Req ID
- Convert the Req ID to hex using this tool. Type the Req ID into the search bar using the following format
- Once the results are displayed, scroll down to the Other data types section. The transaction ID which can be used in Wireshark is available as the 'unsigned 32-bit integer' value.
NOTE: The DHCP Transaction ID is displayed in Wireshark assuming little-endian byte ordering format.
- The transaction ID can be used in conjunction with Wireshark to find the specific transaction by using the following filter. Simply prepend 0x to the beginning of the copied value and use the following filter in Wireshark.
bootp.id==
Regardless of the specific problem being experienced, it may be beneficial to take a packet capture on the AP's wired interface, to better understand exactly what traffic is being sent upstream without receiving a response.