Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsSwitch6910
51525354555657585960
Brocade 6910 Ethernet Access Switch Diagnostic Guide 43
53-1002348-02
802.1x
Backend State Machine
State : Initialize
Request Count : 0
Identifier (Server) : 0
Reauthentication State Machine
State : Initialize
show dot1x statistics
Syntax: show dot1x statistics interface ethernet unit/port
unit - Unit identifier. (Range: 1)
port - Port number. (Range: 1-12)
This command displays 802.1x statistics for a specified port, as shown in the following example.
Console# show dot1x statistics interface ethernet 1/12
Eth 1/12
Rx: EAPOL EAPOL EAPOL EAPOL EAP EAP EAP
Start Logoff Invalid Total Resp/ID Resp/Oth LenError
0 0 0 0 0 0 0
Last Last
EAPOLVer EAPOLSrc
0 00-00-00-00-00-00
Tx: EAPOL EAP EAP
Total Req/ID Req/Oth
0 0 0
802.1X Supplicant is disabled on port 1/12
Configuration notes
The client’s 802.1x MAC session establishes a relationship between the user name and the
MAC address used for authentication. If a user attempts to gain access from different clients
(with different MAC addresses), the user must be authenticated from each client.
If a client has been denied access to the network (that is, the client’s 802.1x MAC session is
set to “access-denied”), then you can cause the client to be re-authenticated by manually
disconnecting the client from the network, or by using the dot1x re-authentication command.
When a client has been denied access to the network, the 802.1x MAC session is aged out if
no traffic is received from the client’s MAC address over a fixed hardware aging period (300
seconds). You can optionally change the software aging period for 802.1x MAC sessions or
disable aging altogether. After the denied client’s 802.1x MAC session is aged out, traffic from
that client is no longer blocked, and the client can be re-authenticated.
To implement 802.1x port security, at least one of the RADIUS servers identified to the Brocade
device must support the 802.1x standard.