Chapter 8
| Authentication Commands
802.1X Port Authentication
– 245 –
interface
ethernet
unit
/
port
unit
- Unit identifier. (Range: Always 1)
port
- Port number. (Range: 1-52)
Command Mode
Privileged Exec
Command Usage
This command displays the following information:
◆
Global 802.1X Parameters
– Shows whether or not 802.1X port
authentication is globally enabled on the switch (
).
◆
802.1X Port Summary
– Displays the port access control parameters for
each interface that has enabled 802.1X, including the following items:
■
Type – Administrative state for port access control (Enabled, Authenticator,
or Supplicant).
■
Operation Mode – Allows single or multiple hosts (
).
■
Control Mode – Dot1x port control mode (
■
Authorized – Authorization status (yes or n/a - not authorized).
◆
802.1X Port Details
– Displays the port access control parameters for each
interface, including the following items:
■
Reauthentication – Periodic re-authentication (
).
■
Reauth Period – Time after which a connected client must be re-
authenticated (
).
■
Quiet Period – Time a port waits after Max Request Count is exceeded
before attempting to acquire a new client (
).
■
TX Period – Time a port waits during authentication session before re-
transmitting EAP packet (
■
Supplicant Timeout – Supplicant timeout.
■
Server Timeout – Server timeout. A RADIUS server must be set before the
correct operational value of 10 seconds will be displayed in this field.
■
Reauth Max Retries – Maximum number of reauthentication attempts.
■
Max Request – Maximum number of times a port will retransmit an EAP
request/identity packet to the client before it times out the authentication
session (
■
Operation Mode– Shows if single or multiple hosts (clients) can connect to
an 802.1X-authorized port.
■
Port Control–Shows the dot1x mode on a port as auto, force-authorized, or
force-unauthorized (
).
■
Intrusion Action– Shows the port response to intrusion when
authentication fails (
).
■
Supplicant– MAC address of authorized client.