7.2.2 Viewing IEEE802.1X Status
- <Structure of this section>
(1) Viewing Authentication Status
Use the show dot1x command to display the status of IEEE 802.1X authentication.
(a) Status of the entire switch
Execute the show dot1x command to display the status of IEEE 802.1X authentication on the Switch.
> show dot1x Date 20XX/10/20 10:52:40 UTC System 802.1X : Enable Port/ChGr/VLAN AccessControl PortControl Status Supplicants Port 0/1 --- Auto Authorized 1 Port 0/2 Multiple-Hosts Auto Unauthorized 0 Port 0/3 Multiple-Auth Auto --- 0 ChGr 32 Multiple-Auth Auto --- 1 VLAN 10 Multiple-Auth Auto --- 1 VLAN 11 Multiple-Auth Auto --- 0 VLAN 12 Multiple-Auth Auto --- 0 VLAN(Dynamic) Multiple-Auth Auto --- 1 |
(b) Displaying the status of port-based authentication
To display the individual status of ports subject to port-based authentication, use the show dot1x port command. To view the status of a channel group, use the show dot1x channel-group-number command.
If you specify a port number, the command outputs status information for the specified port.
Specify the detail parameter to include information about terminals authenticated in the VLAN.
> show dot1x port 0/1 detail Date 20XX/10/20 10:52:48 UTC Port 0/1 AccessControl : --- PortControl : Auto Status : Authorized Last EAPOL : 0012.e200.0021 Supplicants : 1 / 1 ReAuthMode : Enable TxTimer(s) : 9 / 30 ReAuthTimer(s): 3585 / 3600 ReAuthSuccess : 0 ReAuthFail : 0 KeepUnauth(s) : --- / 3600 Supplicants MAC Status AuthState BackEndState ReAuthSuccess SessionTime(s) Date/Time 0012.e200.0021 Authorized Authenticated Idle 0 15 20XX/10/20 10:52:32 |
(c) Displaying the status of VLAN authenticated (static)
Use the show dot1x vlan command to display the individual status of VLANs subject to VLAN-based authentication (static). If you specify a VLAN ID, the command outputs status information for the specified VLAN. Specify the detail parameter to include information about terminals authenticated in the VLAN.
> show dot1x vlan 20 detail Date 20XX/10/20 10:52:48 UTC VLAN 20 AccessControl : Multiple-Auth PortControl : Auto Status : --- Last EAPOL : 0012.e200.0003 Supplicants : 2 / 2 / 256 ReAuthMode : Enable TxTimer(s) : 3518 / 3600 ReAuthTimer(s): 3548 / 3600 ReAuthSuccess : 0 ReAuthFail : 0 SuppDetection : Shortcut Port(s): 0/1-10, ChGr 1-5 Force-Authorized Port(s): 0/4,8-10, ChGr 1-5 Supplicants MAC Status AuthState BackEndState ReAuthSuccess SessionTime(s) Date/Time [Port 0/1] 0012.e200.0003 Authorized Authenticated Idle 0 84 20XX/10/20 10:51:24 [Port 0/3] 0012.e200.0004 Authorized Authenticated Idle 0 5 20XX/10/20 10:51:03 |
(d) Displaying the status of VLAN Permission (Dynamic)
Use the show dot1x vlan dynamic command to display the individual status of VLANs subject to VLAN-based authentication (dynamic). If you specify a VLAN ID, the command outputs status information for the specified VLAN. Specify the detail parameter to include information about terminals authenticated in the VLAN.
> show dot1x vlan dynamic detail Date 20XX/10/20 10:52:48 UTC VLAN(Dynamic) AccessControl : Multiple-Auth PortControl : Auto Status : --- Last EAPOL : 0012.e200.0005 Supplicants : 1 / 1 / 256 ReAuthMode : Disable TxTimer(s) : 3556 / 3600 ReAuthTimer(s): 3586 / 3600 ReAuthSuccess : 0 ReAuthFail : 0 SuppDetection : Shortcut VLAN(s): 20 Supplicants MAC Status AuthState BackEndState ReAuthSuccess SessionTime(s) Date/Time [VLAN 20] VLAN(Dynamic) Supplicants : 1 0012.e200.0005 Authorized Authenticated Idle 0 44 20XX/10/20 10:52:03 |