• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Tracking Usage Per Client

Scheduled Pinned Locked Moved General pfSense Questions
10 Posts 5 Posters 3.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • N
    NoobieOne
    last edited by Oct 15, 2014, 3:42 PM

    The boss wants to track user stats per client so I've found PFSense. It's really cool you guys should check it out, anyway, I can see traffic on the WAN via the Status\RRD Graphs button but we need to dial it down a little more. How can I do that?

    Thanks in advance.

    Edit: We want to see how many users are connecting to our WiFi per day and how much bandwidth each user is using.

    1 Reply Last reply Reply Quote 0
    • J
      johnpoz LAYER 8 Global Moderator
      last edited by Oct 15, 2014, 4:03 PM

      if you want to track your wifi users, something like unifi would be better option.  Very reasonable priced wifi APs with a software based controller.. This is going to give you way more control and info about your "wifi" network then pfsense would.

      http://www.ubnt.com/unifi/unifi-ap/

      unifiusers.png
      unifiusers.png_thumb

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

      1 Reply Last reply Reply Quote 0
      • N
        NoobieOne
        last edited by Oct 15, 2014, 4:26 PM

        That's unfortunate. We're using Meraki at our branches. It's nice but it will cost too much to bring it in to our main branch. We have Cisco access points with a Cisco 4400 WLAN controller here but I didn't set it up and don't know much about it. I figured this would be easier to set up and a little more interesting to play with.

        1 Reply Last reply Reply Quote 0
        • J
          johnpoz LAYER 8 Global Moderator
          last edited by Oct 15, 2014, 6:56 PM

          pfsense is a great firewall and router - but it has very limited wifi stuff.  Its not a wifi controller, 4400 series is quite old for wlc from cisco.  While they do a great job in providing great wifi access the reporting to what wifi clients is doing is very limited without sending info to say cisco prime.

          Unifi while not quite up to snuff to overall wifi stuff like cisco with cleanair, etc.  You can get the AP for $70 each on their entry level products and get some really useful reporting right out of the box to what wireless clients bandwidth usage is, etc.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • N
            NoobieOne
            last edited by Oct 16, 2014, 4:13 PM

            Here's the thing,  I already have the WiFi controller and my WiFi is on a different network. I want to plug this in as router/firewall to that network and collect data. I can even use this as a DHCP server to my WiFi clients …

            1 Reply Last reply Reply Quote 0
            • O
              Ofloo
              last edited by Oct 16, 2014, 4:28 PM

              can't you do that with bandwidthd i remember you can monitor by IP with bandwidthd !?

              1 Reply Last reply Reply Quote 0
              • J
                johnpoz LAYER 8 Global Moderator
                last edited by Oct 16, 2014, 4:39 PM

                you can try the bandwidthd package - not going to show you what AP they are on, just going to give you IP based info.  Since not tied to mac of the wifi client, if you have client use IP A, then couple days later you get client B that gets same IP A  you have invalid info.

                If you have cisco, then you should go with cisco products to do your monitoring - cisco prime for example.  Then you should be able to send your flows from you wlc to your cisco prime setup.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                1 Reply Last reply Reply Quote 0
                • N
                  NoobieOne
                  last edited by Oct 16, 2014, 6:10 PM

                  Thanks for the info!  :)

                  1 Reply Last reply Reply Quote 0
                  • P
                    phil.davis
                    last edited by Oct 17, 2014, 10:13 AM

                    @johnpoz:

                    you can try the bandwidthd package - not going to show you what AP they are on, just going to give you IP based info.  Since not tied to mac of the wifi client, if you have client use IP A, then couple days later you get client B that gets same IP A  you have invalid info.

                    If you have cisco, then you should go with cisco products to do your monitoring - cisco prime for example.  Then you should be able to send your flows from you wlc to your cisco prime setup.

                    If you are in a business setting where the connected devices are all (mostly) well known, then static-map an IP for each device. Then IP-based reports match consistently to clients.
                    Of course that is not practical if you are running more public services with an ever-moving client base.

                    As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                    If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                    1 Reply Last reply Reply Quote 0
                    • F
                      firewalluser
                      last edited by Oct 17, 2014, 11:46 AM

                      I'd setup a linux box with two bridged nics and put it between the internet & the wifi access point(s).

                      tcpdump can do all the packet captures quite easily, you can specify how long timewise each packet capture file is, ie hourly or daily packet captures, and then from there monitor the tcpip data, pulling out what you like!

                      I'd start with the ARP packet to get each unique device and then track the assigned ip accordingly. Unless someone has changed the id in the arp packet, possible but harder than spoofing a mac id, then you should get a good overview of your wifi users usage.  Some of the things you should see is if anyone has attempted to change the unique id given out in the ARP packet.

                      A basic example you can adapt by running on a different linux distro.
                      http://williamknowles.co.uk/?p=16

                      You'll just need to make sure you have enough disc space to store everything captured and have spare capacity before analysis.

                      Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

                      Asch Conformity, mainly the blind leading the blind.

                      1 Reply Last reply Reply Quote 0
                      10 out of 10
                      • First post
                        10/10
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                        This community forum collects and processes your personal information.
                        consent.not_received