`show port-access authenticator config`

The show port-access authenticator config command

Syntax:


show port-access authenticator config [port-list]

Displays 802.1X port-access authenticator configuration settings, including:

Whether port-access authentication is enabled.

Whether RADIUS-assigned dynamic VLANs are supported.

802.1X configuration of ports that are enabled as 802.1X authenticators. Use the show running command to view the current client-limit configuration available for switches.

You can display 802.1X port-access authenticator configuration for all switch ports or specified ports. 802.1X configuration information for ports that are not enabled as 802.1X authenticators is not displayed.

Switch(config)# show port-access authenticator config

Port Access Authenticator Configuration

Port-access authenticator activated [No] : Yes
Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No

     | Re-auth Access   Max   Quiet   TX       Supplicant Server   Cntrl
Port | Period Control   Reqs  Period  Timeout  Timeout    Timeout  Dir
---- + ------- -------- ----- ------- -------- ---------- -------- -----
1    | No      Auto     2     60      30       30         30       both
2    | No      Auto     2     60      30       30         30       in

Field table
Field	Description
`Port-access authenticator activated`	802.1X authentication enabled/disabled status for specified ports.
`Port`	Port number on switch.
`Re-auth Period`	Time period (in seconds) after which clients connected to the port must be reauthenticated.
`Access Control`	Authentication mode of port: Auto: Network access is allowed to any connected device that supports 802.1X authentication and provides valid 802.1X credentials. Authorized: Network access is allowed to any device connected to the port, regardless of whether it meets 802.1X criteria. Unauthorized: Network access is blocked to any device connected to the port, regardless of whether the device meets 802.1X criteria.
`Max reqs`	Number of authentication attempts that must time out before authentication fails and the authentication session ends.
`Quiet Period`	Time period (in seconds) during which the port does not try to acquire a supplicant.
`TX Timeout`	Time period (in seconds) that the port waits to retransmit the next EAPOL PDU during an authentication session.
`Supplicant Timeout`	Time period (in seconds) that the switch waits for a supplicant response to an EAP request.
`Server Timeout`	Time period (in seconds) that the switch waits for a server response to an authentication request.
`Cntrl Dir`	Direction in which flow of incoming and outgoing traffic is blocked on 802.1X-aware port that has not yet entered the authenticated state: Both: Incoming and outgoing traffic is blocked on port until authentication occurs. In: Only incoming traffic is blocked on port before authentication occurs. Outgoing traffic with unknown destination addresses is flooded on the unauthenticated 802.1X-aware port.