Command Reference Guide

ManualsBrandsHP ManualsMoonshot SystemsHP Moonshot-45G Switch Module

341

342

343

344

345

346

347

348

349

350

Port-Based Network Access Control Commands

CLI Command Reference

September 2014 Page 344

HP Moonshot Switch Module CLI Command Reference

Example: The following shows example CLI display output for the command.

(Routing) #show dot1x detail 1/0/1

Port........................................... 1/0/1

Protocol Version............................... 1

PAE Capabilities............................... Authenticator

Control Mode................................... auto

Authenticator PAE State........................ Initialize

Backend Authentication State................... Initialize

Quiet Period (secs)............................ 60

Transmit Period (secs)......................... 30

Guest VLAN ID.................................. 0

Guest VLAN Period (secs)....................... 90

Supplicant Timeout (secs)...................... 30

Server Timeout (secs).......................... 30

Maximum Requests............................... 2

Configured MAB Mode............................ Enabled

Operational MAB Mode........................... Disabled

VLAN Id........................................ 0

VLAN Assigned Reason........................... Not Assigned

Reauthentication Period (secs)................. 3600

VLAN-ID The VLAN assigned to the port by the radius server. This is only valid when the port control

mode is not Mac-based.

VLAN Assigned

Reason

The reason the VLAN identified in the VLAN-assigned field has been assigned to the port.

Possible values are RADIUS, Unauthenticated VLAN, Guest VLAN, default, and Not

Assigned. When the VLAN Assigned Reason is Not Assigned, it means that the port has not

been assigned to any VLAN by dot1x. This only valid when the port control mode is not

MAC-based.

Reauthentication

Period

The timer used by the authenticator state machine on this port to determine when

reauthentication of the supplicant takes place. The value is expressed in seconds and will

be in the range of 1 and 65535.

Reauthentication

Enabled

Indicates if reauthentication is enabled on this port. Possible values are ‘True” or “False”.

Key Transmission

Enabled

Indicates if the key is transmitted to the supplicant for the specified port. Possible values

are True or False.

Control Direction The control direction for the specified port or ports. Possible values are both or in.

Maximum Users The maximum number of clients that can get authenticated on the port in the MAC-based

dot1x authentication mode. This value is used only when the port control mode is not

MAC-based.

Unauthenticated

VLAN ID

Indicates the unauthenticated VLAN configured for this port. This value is valid for the port

only when the port control mode is not MAC-based.

Session Timeout Indicates the time for which the given session is valid. The time period in seconds is

returned by the RADIUS server on authentication of the port. This value is valid for the port

only when the port control mode is not MAC-based.

Session

Termination

Action

This value indicates the action to be taken once the session timeout expires. Possible values

are Default, Radius-Request. If the value is Default, the session is terminated the port goes

into unauthorized state. If the value is Radius-Request, then a reauthentication of the client

authenticated on the port is performed. This value is valid for the port only when the port

control mode is not MAC-based.

Term Definition