C
HAPTER
24
| Authentication Commands
802.1X Port Authentication
– 631 –
COMMAND USAGE
This command displays the following information:
◆ Global 802.1X Parameters – Shows whether or not 802.1X port
authentication is globally enabled on the switch (page 621).
◆ Authenticator Parameters – Shows whether or not EAPOL pass-through
is enabled (page 620).
◆ Supplicant Parameters – Shows the supplicant user name used when
the switch responds to an MD5 challenge from an authenticator
(page 627).
◆ 802.1X Port Summary – Displays the port access control parameters
for each interface that has enabled 802.1X, including the following
items:
â–
Type – Administrative state for port access control (Enabled,
Authenticator, or Supplicant).
â–
Operation Mode–Allows single or multiple hosts (page 622).
â–
Mode– Dot1x port control mode (page 623).
â–
Authorized– Authorization status (yes or n/a - not authorized).
◆ 802.1X Port Details – Displays the port access control parameters for
each interface, including the following items:
â–
Reauthentication – Periodic re-authentication (page 624).
â–
Reauth Period – Time after which a connected client must be re-
authenticated (page 625).
â–
Quiet Period – Time a port waits after Max Request Count is
exceeded before attempting to acquire a new client (page 624).
â–
TX Period – Time a port waits during authentication session before
re-transmitting EAP packet (page 626).
â–
Supplicant Timeout – Supplicant timeout.
â–
Server Timeout – Server timeout.
â–
Reauth Max Retries – Maximum number of reauthentication
attempts.
â–
Max Request – Maximum number of times a port will retransmit an
EAP request/identity packet to the client before it times out the
authentication session (page 622).
â–
Operation Mode– Shows if single or multiple hosts (clients) can
connect to an 802.1X-authorized port.
â–
Port Control–Shows the dot1x mode on a port as auto, force-
authorized, or force-unauthorized (page 623).
â–
Intrusion Action– Sets the port response to intrusion when
authentication fails (page 621).
â–
Supplicant– MAC address of authorized client.
â—† Authenticator State Machine
â–
State – Current state (including initialize, disconnected,
connecting,
authenticating, authenticated, aborting,
held, force_authorized,
force_unauthorized).
â–
Reauth Count– Number of times connecting state is re-entered.
To Next Page
Loading...
Need help?
General