Configuration notes, Draft: brocade confidential – Brocade 6910 Ethernet Access Switch Diagnostic Guide (Supporting R2.2.0.0) User Manual

Brocade 6910 Ethernet Access Switch Diagnostic Guide

63

53-1002653-01

7

DRAFT: BROCADE CONFIDENTIAL

802.1x

TX Period : 30 seconds

Supplicant Timeout : 30 seconds

Server Timeout : 10 seconds

Reauth Max Retries : 2

Max Request : 2

Operation Mode : Single-Host

Port Control : Auto

Intrusion Action : Block traffic

Supplicant : 00-00-00-00-00-00

Authenticator PAE State Machine

State : Initialize

Reauth Count : 0

Current Identifier : 0

Backend State Machine

State : Initialize

Request Count : 0

Identifier (Server) : 0

Reauthentication State Machine

State : Initialize

show dot1x statistics

Syntax: show dot1x statistics interface ethernet unit/port

unit - Unit identifier. (Range: 1)

port - Port number. (Range: 1-12)

This command displays 802.1x statistics for a specified port, as shown in the following example.

Console# show dot1x statistics interface ethernet 1/12

Eth 1/12

Rx: EAPOL EAPOL EAPOL EAPOL EAP EAP EAP

Start Logoff Invalid Total Resp/ID Resp/Oth LenError

0 0 0 0 0 0 0

Last Last

EAPOLVer EAPOLSrc

0 00-00-00-00-00-00

Tx: EAPOL EAP EAP

Total Req/ID Req/Oth

0 0 0

802.1X Supplicant is disabled on port 1/12

Configuration notes

•

The client’s 802.1x MAC session establishes a relationship between the user name and the
MAC address used for authentication. If a user attempts to gain access from different clients
(with different MAC addresses), the user must be authenticated from each client.

•

If a client has been denied access to the network (that is, the client’s 802.1x MAC session is
set to “access-denied”), then you can cause the client to be re-authenticated by manually
disconnecting the client from the network, or by using the dot1x re-authentication command.