show port-access authenticator vlan
Syntax:
show port-access authenticator vlan [port-list]
Displays the following information on the VLANs configured for use in 802.1X port-access authentication on all switch ports, or specified ports, that are enabled as 802.1X authenticator:
Authentication mode used on each port, configured with the
aaa port-access authenticator control
commandVLAN ID (if any) to be used for traffic from 802.1X-authenticated clients
VLAN ID (if any) to be used for traffic from unauthenticated clients
802.1X configuration information for ports that are not enabled as an 802.1X authenticators is not displayed.
Switch(config)# show port-access authenticator vlan Port Access Authenticator VLAN Configuration Port-access authenticator activated [No] : Yes Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No Access Unauth Auth Port Control VLAN ID VLAN ID ---- -------- -------- -------- 2 Auto 0 0
Syntax:
show port-access authenticator clients [port-list]
Displays the session status, name, and address for each 802.1X port-access-authenticated client on the switch. Multiple authenticated clients may be displayed for the same port. The IP address displayed is taken from the DHCP binding table (learned through the DHCP Snooping feature).
If DHCP snooping is not enabled on the switch, n/a (not available) is displayed for a client IP address.
If an 802.1X-authenticated client uses an IPv6 address, n/a - IPv6 is displayed.
If DHCP snooping is enabled but no MAC-to-IP address binding for a client is found in the DHCP binding table,
n/a - no info
is displayed.