46-130
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL_28731-01
Chapter 46 Configuring 802.1X Port-Based Authentication
Displaying Authentication Details
Switch# show mab int fa5/9
MAB details for FastEthernet5/9
-------------------------------------
Mac-Auth-Bypass = Enabled
Inactivity Timeout = None
Switch# show mab int fa5/9 detail
MAB details for FastEthernet5/9
-------------------------------------
Mac-Auth-Bypass = Enabled
Inactivity Timeout = None
MAB Client List
---------------
Client MAC = 000f.23c4.a401
MAB SM state = TERMINATE
Auth Status = AUTHORIZED
EPM Logging
EPM logging enables you to display EPM logging messages by using the epm logging command in
global configuration mode. To disable EPM logging, enter no epm logging.
Logging messages are displayed during the following events:
• POLICY_APP_SUCCESS—Policy application success events on Named ACLs, Proxy ACLs, and
service policies, URL redirect policies.
• POLICY_APP_FAILURE—Policy application failure conditions similar to unconfigured policies,
wrong policies, download request failures and download failures from AAA.
• IPEVENT—IP assignment, IP release and IP wait events for clients.
• AAA—AAA events (similar to download requests, or download successes from AAA)
Example 1
Switch# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# epm logging
Switch# clear dot1x all
Switch#
*May 15 08:31:26.561: %EPM-6-POLICY_REQ: IP=100.0.0.222| MAC=0000.0000.0001|
AUDITSESID=0A050B2C000000030004956C| AUTHTYPE=DOT1X|
EVENT=REMOVE
*May 15 08:31:26.581: %AUTHMGR-5-START: Starting 'dot1x' for client (0000.0000.0001) on
Interface Fa9/25
*May 15 08:31:26.681: %DOT1X-5-SUCCESS: Authentication successful for client
(0000.0000.0001) on Interface Fa9/25
*May 15 08:31:26.681: %AUTHMGR-7-RESULT: Authentication result 'success' from 'dot1x' for
client (0000.0000.0001) on Interface Fa9/25