show port-access authenticator config
The show port-access authenticator config command
Syntax:
show port-access authenticator config [port-list]
Displays 802.1X port-access authenticator configuration settings, including:
Whether port-access authentication is enabled.
Whether RADIUS-assigned dynamic VLANs are supported.
802.1X configuration of ports that are enabled as 802.1X authenticators. Use the
show running
command to view the currentclient-limit
configuration available for switches.
You can display 802.1X port-access authenticator configuration for all switch ports or specified ports. 802.1X configuration information for ports that are not enabled as 802.1X authenticators is not displayed.
switch(config)# show port-access authenticator config Port Access Authenticator Configuration Port-access authenticator activated [No] : Yes Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No | Re-auth Access Max Quiet TX Supplicant Server Cntrl Port | Period Control Reqs Period Timeout Timeout Timeout Dir ---- + ------- -------- ----- ------- -------- ---------- -------- ----- 1 | No Auto 2 60 30 30 30 both 2 | No Auto 2 60 30 30 30 in
Field |
Description |
---|---|
|
802.1X authentication enabled/disabled status for specified ports. |
|
Port number on switch. |
|
Time period (in seconds) after which clients connected to the port must be reauthenticated. |
|
Authentication mode of port: Auto: Network access is allowed to any connected device that supports 802.1X authentication and provides valid 802.1X credentials. Authorized: Network access is allowed to any device connected to the port, regardless of whether it meets 802.1X criteria. Unauthorized: Network access is blocked to any device connected to the port, regardless of whether the device meets 802.1X criteria. |
|
Number of authentication attempts that must time out before authentication fails and the authentication session ends. |
|
Time period (in seconds) during which the port does not try to acquire a supplicant. |
|
Time period (in seconds) that the port waits to retransmit the next EAPOL PDU during an authentication session. |
|
Time period (in seconds) that the switch waits for a supplicant response to an EAP request. |
|
Time period (in seconds) that the switch waits for a server response to an authentication request. |
|
Direction in which flow of incoming and outgoing traffic is blocked on 802.1X-aware port that has not yet entered the authenticated state: Both: Incoming and outgoing traffic is blocked on port until authentication occurs. In: Only incoming traffic is blocked on port before authentication occurs. Outgoing traffic with unknown destination addresses is flooded on the unauthenticated 802.1X-aware port. |