beautypg.com

Brocade TurboIron 24X Series Configuration Guide User Manual

Page 1012

background image

978

Brocade TurboIron 24X Series Configuration Guide

53-1003053-01

Displaying 802.1X information

Example

Syntax: show dot1x mac-session

Table 151

lists the new fields in the display.

Displaying information about the ports in an 802.1X multiple-host configuration

To display information about the ports in an 802.1X multiple-host configuration, enter the following
command.

TurboIron(config-dot1x)#sh do mac-s br

Port Number of Number of Dynamic Dynamic Dynamic

users Authorized users VLAN ACL MAC-Filt

--------------------------------------------------------------------

1 0 0 no no no

2 0 0 no no no

3 0 0 no no no

4 0 0 no no no

5 0 0 no no no

6 0 0 no no no

TABLE 151

Output from the show dot1x mac-session command

This field...

Displays...

Port

The port on which the dot1x-mac-session exists.

MAC/ (username)

The MAC address of the Client and the username used for RADIUS authentication.

Vlan

The VLAN to which the port is currently assigned.

Auth-State

The authentication state of the dot1x-mac-session. This can be one of the following
permit – The Client has been successfully authenticated, and traffic from the Client is
being forwarded normally.
blocked – Authentication failed for the Client, and traffic from the Client is being
dropped in hardware.
restricted – Authentication failed for the Client, but traffic from the Client is allowed in
the restricted VLAN only.
init - The Client is in is in the process of 802.1X authentication, or has not started the
authentication process.

Age

The software age of the dot1x-mac-session.

PAE State

The current status of the Authenticator PAE state machine. This can
be INITIALIZE, DISCONNECTED, CONNECTING,
AUTHENTICATING, AUTHENTICATED, ABORTING, HELD,
FORCE_AUTH, or FORCE_UNAUTH.
NOTE: When the Authenticator PAE state machine is in the

AUTHENTICATING state, if the reAuthenticate, eapStart, eapLogoff,
or authTimeout parameters are set to TRUE, it may place the
Authenticator PAE state machine indefinitely in the ABORTING state.
If this should happen, use the dot1x initialize command to initialize
802.1X port security on the port, or unplug the Client or hub
connected to the port, then reconnect it.

TurboIron#show dot1x mac-session

Port MAC/(username) Vlan Auth ACL Age PAE

State State

-----------------------------------------------------------------------------

1 0000.0098.24f7 :User 10 permit none S20 AUTHENTICATED

See also other documents in the category Brocade Computer Accessories: