Security Commands
301
ProSAFE M7100 Managed Switches
If you use the optional parameter detail <slot/port>, the detailed dot1x configuration for
the specified port is displayed.
Term Definition
Port The interface whose configuration is displayed.
Protocol Version The protocol version associated with this port. The only possible value is 1, corresponding
to the firs
t version of the dot1x specification.
PAE Capabilities The port access entity (PAE) functionality of this port. Possible values are Authenticator or
Supplicant
.
Control Mode The configured control mode for this port. Possible values are force-unauthorized |
for
ce-authorized | auto | mac-based.
Authenticator PAE
St
ate
Current state of the authenticator PAE state machine. Possible values are Initialize,
Disconnected, Connecting, Authenticating, Authenticated, Aborting, Held,
ForceAuthorized, and ForceUnauthorized. When MAC-based authentication is enabled on
the port, this parameter is deprecated.
Backend
A
uthentic
ation
State
Current state of the backend authentication state machine. Possible values are Request,
Response, Success, Fail, Timeout, Idle, and Initialize. When MAC-based authentication is
enabled on the port, this parameter is deprecated.
Quiet Period The timer used by the authenticator state machine on this port to define periods of time in
which it will no
t att
empt to acquire a supplicant. The value is expressed in seconds and will
be in the range 0 and 65535.
Transmit Period The timer used by the authenticator state machine on the specified port to determine when
t
o send an E
APOL EAP Request/Identity frame to the supplicant. The value is expressed in
seconds and will be in the range of 1 and 65535.
Guest-VLAN ID The guest VLAN identifier configured on the interface.
Guest VLAN Period The time in seconds for which the authenticator waits before authorizing and placing the
por
t in the Gues
t VLAN, if no EAPOL packets are detected on that port.
Supplicant Timeout The timer used by the authenticator state machine on this port to timeout the supplicant.
The value is e
xpressed in seconds and will be in the range of 1 and 65535.
Server Timeout The timer used by the authenticator on this port to timeout the authentication server. The
value is e
xpressed in seconds and will be in the range of 1 and 65535.
Maximum
Reques
ts
The maximum number of times the authenticator state machine on this port will retransmit
an EAPOL EAP Request/Identity before timing out the supplicant. The value will be in the
range of 1 and 10.
VLAN Id The VLAN assigned to the port by the radius server. This is only valid when the port control
mode is no
t M
ac-based.
VLAN Assigned
Re
ason
The reason the VLAN identified in the VLAN Idfield has been assigned to the port. Possible
values are RADIUS, Unauthenticated VLAN, Guest VLAN, default, and Not Assigned. When
the VLAN Assigned Reason is ‘Not Assigned’, it means that the port has not been assigned to
any VLAN by dot1x. This only valid when the port control mode is not MAC-based.
Reauthentication
P
eriod
The timer used by the authentic
ator state machine on this port to determine when
reauthentication of the supplicant takes place. The value is expressed in seconds and will be
in the range of 1 and 65535.
To Next Page
Loading...
