KB.15.15

Figure 336 show port-access authenticator session-counters

Command

Syntax

show port-access authenticator vlan [port-list]

Displays the following information on the VLANs configured for use in 802.1X

port-access authentication on all switch ports, or specified ports, that are enabled

as 802.1X authenticator:

• Authentication mode used on each port, configured with the aaa port-access

authenticator control command (see page 13-21)

• VLAN ID (if any) to be used for traffic from 802.1Xauthenticated clients

• VLAN ID (if any) to be used for traffic from unauthenticated clients

802.1X configuration information for ports that are not enabled as an 802.1X

authenticators is not displayed.

Figure 337 show port-access authenticator vlan Command

Syntax

show port-access authenticator clients [port-list]

Displays the session status, name, and address for each 802.1X

port-access-authenticated client on the switch. Multiple authenticated clients may

be displayed for the same port. The IP address displayed is taken from the DHCP

binding table (learned through the DHCP Snooping feature).

• If DHCP snooping is not enabled on the switch, n/a (not available) is displayed

for a client’s IP address.

• If an 802.1X-authenticated client uses an IPv6 address, n/a - IPv6 is displayed.

• If DHCP snooping is enabled but no MAC-to-IP address binding for a client is

found in the DHCP binding table, n/a - no info is displayed.

470 Port-Based and User-Based Access Control (802.1X)