Manualshelf

Access Security Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch
201202203204205206207208209210
Note: If there are no ACLs currently assigned to any port in <port-list>,
executing this command returns only the system prompt. If a client authenticates but
the server does not return a RADIUS-assigned ACL to the client port, then the server
does not have a valid ACL configured and assigned to that client's authentication
credentials.
Example
The following output shows that a RADIUS server has assigned an ACL to port B1 to filter inbound
traffic from an authenticated client identified by a MAC address of 00-17-A4-E6-D7-87.
Figure 160 A RADIUS-assigned ACL application to a currently active client session
Syntax:
show port-access <web-based | mac-based | authenticator>
clients <port-list> detailed
For ports in <port-list> configured for authentication, this command shows the details of the
RADIUS-assigned features listed below that are active as the result of a client authentication. (Ports
in <port-list> that are not configured for authentication are not listed.)
Client Base Details:
Port
Port number of port configured for authentication.
Session Status
Indicates whether there is an authenticated client session active on the port. Options include
authenticated and unauthenticated.
Username
During an authenticated session, shows the user name of the authenticated client. If the
client is not authenticated, this field is empty.
IP
Shows the authenticated client's IP address, if available. Requires DHCP snooping enabled
on the switch. When "n/a" appears in the field, the switch has not been able to acquire
the client's IP address. Note: Where the client IP address is available to the switch, it can
take a minute or longer for the switch to learn the address. For more on this topic, see
“Configuring RADIUS accounting” (page 157).
Session Time (sec)
For an unauthenticated session, indicates the elapsed time in seconds since the client was
detected on the port. For an authenticated session, this indicates the elapsed time in
seconds since the client was authenticated on the port.
208 RADIUS server support for switch services