KB.15.15

Displays the status of all ports or specified ports that are enabled for MAC

authentication. The information displayed for each port includes:

• Number of authorized and unauthorized clients.

• VLAN ID number of the untagged VLAN used. If the switch supports MAC

(untagged) VLANs, MACbased is displayed to show that multiple untagged

VLANs are configured for authentication sessions.

• If tagged VLANs (statically configured or RADIUS-assigned) are used (Yes or

No.)

• If client-specific per-port CoS (Class of Service) values are configured (Yes or

No) or the numerical value of the CoS (802.1p priority) applied to all inbound

traffic. For client-specific per-port CoS values, enter the show port-access

web-based clients detailed command.

• If per-port rate-limiting for inbound traffic is applied (Yes or No) or the

percentage value of the port's available bandwidth applied as a rate-limit

value.

• If RADIUS-assigned ACLs are applied.

Information on ports not enabled for MAC authentication is not displayed.

Figure 57 Show port-access MAC authentication command output

Viewing session information for MAC authenticated clients on a switch

Syntax:

show port-access mac-based clients [port-list]

Displays the session status, name, and address for each MAC authenticated client

on the switch. The IP address displayed is taken from the DHCP binding table

(learned through the DHCP Snooping feature).

If DHCP snooping is not enabled on the switch, n/a (not available) is displayed

for a client's IP address.

If a MAC-authenticated client uses an IPv6 address, n/a - IPv6 is displayed.

If DHCP snooping is enabled but no MAC-to-IP address binding for a client is found

in the DHCP binding table, n/a - no info is displayed.

Viewing 95