show port-access authenticator vlan

Syntax:


show port-access authenticator vlan [port-list]

Displays the following information on the VLANs configured for use in 802.1X port-access authentication on all switch ports, or specified ports, that are enabled as 802.1X authenticator:

  • Authentication mode used on each port, configured with the aaa port-access authenticator control command

  • VLAN ID (if any) to be used for traffic from 802.1X-authenticated clients

  • VLAN ID (if any) to be used for traffic from unauthenticated clients

802.1X configuration information for ports that are not enabled as an 802.1X authenticators is not displayed.

Switch(config)# show port-access authenticator vlan

Port Access Authenticator VLAN Configuration

Port-access authenticator activated [No] : Yes
Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No

     Access   Unauth   Auth
Port Control  VLAN ID  VLAN ID
---- -------- -------- --------
2    Auto     0        0

Syntax:


show port-access authenticator clients [port-list]

Displays the session status, name, and address for each 802.1X port-access-authenticated client on the switch. Multiple authenticated clients may be displayed for the same port. The IP address displayed is taken from the DHCP binding table (learned through the DHCP Snooping feature).

  • If DHCP snooping is not enabled on the switch, n/a (not available) is displayed for a client IP address.

  • If an 802.1X-authenticated client uses an IPv6 address, n/a - IPv6 is displayed.

  • If DHCP snooping is enabled but no MAC-to-IP address binding for a client is found in the DHCP binding table, n/a - no info is displayed.