Meraki

Community

Documentation Feedback - Definition of a Client

RaphaelL
Kind of a big deal
Kind of a big deal
‎Jun 28 2024 7:33 AM
‎Jun 28 2024 7:33 AM

Documentation Feedback - Definition of a Client

Hi ,

 

Starting this week , I have been noticing some "phantom" clients. They have "0" usage , null vlan null ip null description and they are all Wireless clients ( probably failed auth , but still got sampled as a valid client ).

 

{"id":"k6ab678","mac":"12:59:34:a3:4b:f2","description":null,"ip":null,"ip6":null,"ip6Local":null,"user":"dyq8858","firstSeen":"2024-06-26T13:07:36Z","lastSeen":"2024-06-26T13:07:36Z","manufacturer":null,"os":null,"deviceTypePrediction":null,"recentDeviceSerial":"XXXXXXXXXX","recentDeviceName":"XXXXXXXX","recentDeviceMac":"XXXXXXX","recentDeviceConnection":"Wireless","ssid":"XXXXXXX","vlan":"","switchport":null,"usage":{"sent":0,"recv":1,"total":1},"status":"Offline","notes":null,"groupPolicy8021x":null,"adaptivePolicyGroup":null,"smInstalled":false,"pskGroup":null,"wirelessCapabilities":"802.11ac - 2.4 and 5 GHz"}

RaphaelL_0-1719585188916.png

 

I found that weird and opened a ticket. Support told me : We expect clients to show up if they currently passed at least 1KB of data (excluding splash page traffic).   Which seems to be in direct conflic with :

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Clients_Usage_Page_Ov...

 

A client will only appear in the list once it has passed Internet traffic. If a device, such as a LAN printer, does not pass any Internet traffic, then it will not appear in the list.

 

Either the documentation is invalid or Support is wrong on that  OR something recently changed. 

 

 

Wanted a second opinion on that one. 

 


Cheers ,



 

 

7 Replies 7
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 30 2024 1:34 PM
‎Jun 30 2024 1:34 PM

Is this a network with another Meraki device family as well, like MX or MS?

 

Perhaps something is getting mixed up with where it has seen the device traffic.

0 Kudos
In response to PhilipDAth
RaphaelL
Kind of a big deal
Kind of a big deal
‎Jun 30 2024 6:39 PM
‎Jun 30 2024 6:39 PM

Full stack , MX MS MR. Client sampling disabled on uplinks and client is seen on MR. Basicly nothing changed config wise or in the topology for all our networks but I keep seeing more and more of those "1kb" clients.

Tony-Sydney-AU
Meraki Employee
Meraki Employee
‎Aug 20 2024 10:02 PM
‎Aug 20 2024 10:02 PM

Hi @RaphaelL 

 

Thanks for bringing this up.

 

The document you mentioned has this section:

"Clients List Displays Zero Usage for a Client, Though the Client Is Passing Traffic

To ensure useful data usage and traffic analysis, certain types of client traffic are filtered and are not counted toward their network usage. Usage information is recorded differently depending on the network layer the client is operating at. Examples of such traffic are:

  • Unauthorized clients that are operating behind a splash or captive portal

  • DNS

  • DHCP

  • ARP

Note that the above does not apply to switch clients."

 

Do you see that behaviour you described in a Guest wifi SSID that has splash or captive portal?

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
0 Kudos
In response to Tony-Sydney-AU
RaphaelL
Kind of a big deal
Kind of a big deal
‎Aug 21 2024 5:02 AM
‎Aug 21 2024 5:02 AM

Hi ,

 

No this is a WPA2-Enterprise SSID. 

 

The client was rejected by the RADIUS server , but Meraki did map this "client" as a valid client. 

 

Client didn't pass ANY trafic at all.

0 Kudos
In response to RaphaelL
Tony-Sydney-AU
Meraki Employee
Meraki Employee
‎Aug 21 2024 4:58 PM
‎Aug 21 2024 4:58 PM

Well, that makes sense. That wifi client failed authentication so it was stuck in association phase and having no traffic after RADIUS Access-Reject message. It's essentially the same behaviour described in the doc.

 

This seems to be an expected behaviour since it is an unauthorised client. Unauthorised wifi clients show as connected with zero usage as long as the Access Point confirms they are associated. 

 

I'll work internally to reproduce this scenario and add this behaviour to our doc.

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
In response to Tony-Sydney-AU
RaphaelL
Kind of a big deal
Kind of a big deal
‎Aug 21 2024 5:31 PM
‎Aug 21 2024 5:31 PM

Thanks a lot for your help. Much appreciated !

0 Kudos
In response to RaphaelL
Tony-Sydney-AU
Meraki Employee
Meraki Employee
‎Aug 21 2024 8:07 PM
‎Aug 21 2024 8:07 PM

My pleasure! Doc is updated now! Thanks for bringing this up.

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.