Enabling 802.1x accounting, Displaying 802.1x information – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

802.1X accounting attributes for RADIUS (Continued)

TABLE 14

Attribute name

Attribute ID Data Type Description

Acct-Status-Type 40

integer

Indicates whether the accounting request marks the beginning (start)
or end (stop) of the user service.

1 - Start

2 - Stop

Calling-Station-Id 31

string

The supplicant MAC address in ASCII format (upper case only), with
octet values separated by a dash (-). For example 00-00-00-23-19-C0

NAS-Identifier

32

string

The hostname of the device. Here NAS stands for "network access
server".

NAS-Port

5

integer

The physical port number. Here NAS stands for "network access
server".

NAS-Port-Type

61

integer

The physical port type. Here NAS stands for "network access server".

user-name

1

string

The user name.

Enabling 802.1X accounting

To enable 802.1X accounting, enter the following command.

device(config)#aaa accounting dot1x default start-stop radius none

Syntax: aaa accounting dot1x default start-stop { radius | none }

radius - Use the list of all RADIUS servers that support 802.1X for authentication.

none - Use no authentication. The client is automatically authenticated without the device using
information supplied by the client.

NOTE
If you specify both radius and none , make sure radius comes before none .

Displaying 802.1X information

You can display the following 802.1X-related information:

• The 802.1X configuration on the device and on individual ports
• Statistics about the EAPOL frames passing through the device
• 802.1X-enabled ports dynamically assigned to a VLAN
• User-defined and dynamically applied MAC address filters and IP ACLs currently active on the

device

• The 802.1X multiple-host configuration

Enabling 802.1X accounting

200

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03