beautypg.com

Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 204

background image

Original PVID : 1

Authorized PVID ref count : 2

Restricted PVID ref count : 0

Radius assign PVID ref count : 0

num mac sessions : 2

num mac authorized : 2

num Dynamic Tagged Vlan : 0

Number of Auth filter : 0

Syntax: show dot1x config ethernet port

The following additional information is displayed in the show dot1x config command for an interface.

Output from the show dot1x config command for an interface

TABLE 17

Field

Description

Port-Control

The configured port control type for the interface. This can be one of the following:

force-authorized - The controlled port is placed unconditionally in the authorized
state, allowing all traffic. This is the default state for ports on the Brocade device.

force-unauthorized - The controlled port is placed unconditionally in the
unauthorized state. No authentication takes place for any connected 802.1X
Clients.

auto - The authentication status for each 802.1X Client depends on the
authentication status returned from the RADIUS server.

filter strict security

Whether strict security mode is enabled or disabled on the interface.

Action on RADIUS timeout

The action taken for the client/MAC session on this port upon a Radius timeout.
Refer to the Permit user access to the network after a RADIUS timeout and Deny
user access to the network after a RADIUS timeout sections.

Authentication-fail-action

The configured authentication-failure action. This can be Restricted VLAN or Block
Traffic.

PVID State

The port default VLAN ID (PVID) and the state of the port PVID. The PVID state
can be one of the following

Normal - The port PVID is not set by a RADIUS server, nor is it the restricted
VLAN.

RADIUS - The port PVID was dynamically assigned by a RADIUS server.

RESTRICTED - The port PVID is the restricted VLAN.

Original PVID

The originally configured (not dynamically assigned) PVID for the port.

Authorized PVID ref count

The number of authenticated MAC sessions on this port’s current PVID (port
default VLAN ID).

Restricted PVID ref count

The number of MAC sessions on the port that failed authentication and are now in
the restricted VLAN (which should be the port’s current PVID).

Radius assign PVID ref
count

The number of times the port has changed PVIDs due to Radius VLAN
assignment.

num mac sessions

The number of dot1x-mac-sessions on the port.

802.1X Port Security

204

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03

See also other documents in the category Brocade Computer Accessories: