Chapter 8
| Authentication Commands
802.1X Port Authentication
– 254 –
■
Operation Mode– Shows if single or multiple hosts (clients) can connect to
an 802.1X-authorized port.
■
Port Control–Shows the dot1x mode on a port as auto, force-authorized, or
force-unauthorized (page 248).
■
Intrusion Action– Shows the port response to intrusion when
authentication fails (page 245).
■
Supplicant– MAC address of authorized client.
◆
Authenticator PAE State Machine
■
State – Current state (including initialize, disconnected,
connecting,
authenticating, authenticated, aborting,
held, force_authorized,
force_unauthorized).
■
Reauth Count– Number of times connecting state is re-entered.
■
Current Identifier– The integer (0-255) used by the Authenticator to identify
the current authentication session.
◆
Backend State Machine
■
State – Current state (including request, response, success, fail, timeout,
idle, initialize).
■
Request Count– Number of EAP Request packets sent to the Supplicant
without receiving a response.
■
Identifier (Server)– Identifier carried in the most recent EAP Success, Failure
or Request packet received from the Authentication Server.
◆
Reauthentication State Machine
State – Current state (including initialize, reauthenticate).
Example
Console#show dot1x
Global 802.1X Parameters
System Auth Control : Enabled
Authenticator Parameters:
EAPOL Pass Through : Disabled
802.1X Port Summary
Port Type Operation Mode Control Mode Authorized
-------- ------------- -------------- ------------------ ----------
Eth 1/ 1 Disabled Single-Host Force-Authorized Yes
Eth 1/ 2 Disabled Single-Host Force-Authorized Yes
,,,
Eth 1/27 Disabled Single-Host Force-Authorized Yes
Eth 1/28 Enabled Single-Host Auto Yes
Console#show dot1x interface ethernet 1/2
802.1X Authenticator is enabled on port 2
Reauthentication : Enabled
Reauth Period : 3600
Quiet Period : 60
TX Period : 30
Supplicant Timeout : 30
Server Timeout : 10
To Next Page
Loading...
