show port-access authenticator clients
The show port-access authenticator clients command
Syntax:
show port-access authenticator clients [port-list]
Displays the session status, name, and address for each 802.1X port-access-authenticated client on the switch. Multiple authenticated clients may be displayed for the same port. The IP address displayed is taken from the DHCP binding table (learned through the DHCP Snooping feature).
If DHCP snooping is not enabled on the switch, n/a (not available) is displayed for a client IP address.
If an 802.1X-authenticated client uses an IPv6 address, n/a - IPv6 is displayed.
If DHCP snooping is enabled but no MAC-to-IP address binding for a client is found in the DHCP binding table, n/a - no info is displayed.
The show port-access authenticator clients command output
Switch (config)# show port-access authenticator clients Port Access Authenticator Client Status Port Client Name MAC Address IP Address Session Status ----- ----------- ------------- --------------- -------------- 1 webuser1 001321-eb8063 192.192.192.192 Authenticated 1 webuser2 001560-b3ea48 n/a - no info Authenticating 1 webuser3 000000-111111 n/a - IPv6 Authenticating 3 webuser4 000000-111112 n/a Authenticating
Syntax:
show port-access authenticator clients <port-list> detailed
Displays detailed information on the status of 802.1X-authenticated client sessions on specified ports, including the matches the switch detects for individual ACEs configured with the
cnt
(counter)
option in an ACL assigned to the port by a RADIUS server.
Output for the show port-access authenticator clients detailed command
Switch (config)# show port-access authenticator clients 5 detailed Port Access Authenticator Client Status Detailed Client Base Details : Port : 5 Session Status : Open Session Time(sec) : 999999999 Frames In : 999999999 Frames Out : 99999999 Username : webuser1 MAC Address : 001321-eb8063 IP : 2001:fecd:ba23:cd1f:dcb1:1010:9234:4088 Access Policy Details : COS Map : 70000000 In Limit % : 87 Untagged VLAN : 3096 Out Limit % : 100 Tagged VLANs : 1, 3, 5, 6, 334, 2066 RADIUS-ACL List : deny in udp from any to 10.2.8.233 CNT Hit Count: 10 permit in udp from any to 10.2.8.233 CNT Hit Count: 17 deny in tcp from any to 10.2.8.233 CNT Hit Count: 1 permit in tcp from any to 10.2.8.233 CNT Hit Count: 11 permit in ip from any to any cnt Hit Count: 42