Table of Contents
Advertisement
Complete Software Guide for Junos
Table 351: show dot1x Output Fields (continued)
Field Name
Field Description
The 802.1X authentication method used for a supplicant:
Authentication
method
Guest VLAN
MAC Radius
address. The MAC address is configured as permitted on the RADIUS server,
the RADIUS server lets the switch know that the MAC address is a permitted
address, and the switch opens LAN access to the nonresponsive host on the
interface to which it is connected.
Radius
communicates this to the switch, and the switch opens LAN access on the
interface to which the supplicant is connected.
Server-fail deny
access to the LAN, preventing traffic from flowing from the supplicant through
the interface. This is the default.
Server-fail permit
still permitted access to the LAN as if the supplicant had been successfully
authenticated by the RADIUS server.
Server-fail use-cache
previously authenticated supplicants are reauthenticated, but new supplicants
are denied LAN access.
Server-fail VLAN
if the RADIUS server is unavailable to reauthenticate the supplicant. (The
VLAN must already exist on the switch.)
The VLAN to which the supplicant is connected.
Authenticated VLAN
User policy filter sent by the RADIUS server.
Dynamic filter
The configured reauthentication interval.
Session Reauth
interval
The number of seconds in which reauthentication will occur again for the
Reauthentication
connected supplicant.
due in
show dot1x interface
show dot1x interface
brief
brief
show dot1x interface
detail
2760
®
OS for EX Series Ethernet Switches, Release 10.3
—A supplicant is connected to the LAN through the guest VLAN.
—A nonresponsive host is authenticated based on its MAC
—A supplicant is configured on the RADIUS server, the RADIUS server
—If the RADIUS servers time out, all supplicants are denied
—When the RADIUS server is unavailable, a supplicant is
—If the RADIUS servers time out during reauthentication,
—A supplicant is configured to be moved to a specified VLAN
user@switch> show dot1x interface [ge-0/0/1 ge-0/0/2 ge0/0/3] brief
Interface Role
--------- ----
ge-0/0/1
Authenticator Authenticated
ge-0/0/2
Authenticator Connecting
ge-0/0/3
Supplicant
user@switch> show dot1x interface ge-0/0/16.0 detail
ge-0/0/16.0
Role: Authenticator
Administrative state: Auto
Supplicant mode: Single
Number of retries: 3
Quiet period: 60 seconds
Transmit period: 30 seconds
State
MAC address
-----
------------------
00:a0:d2:18:1a:c8
Authenticating 00:a0:e5:32:97:af
-
Authenticated
00:a6:55:f2:94:ae
Level of Output
detail
detail
detail
detail
detail
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Chapters
Table of Contents
Troubleshooting
Related Manuals for Juniper JUNOS OS 10.3 - SOFTWARE
Related Products for Juniper JUNOS OS 10.3 - SOFTWARE
- Juniper IDP OS 5.1R1 - S REV 1
- Juniper JUNOS OS 10.4 - S REV 5
- Juniper JUNOS OS 10.4 - FOR EX REV 1
- Juniper JUNOS OS 10.4 - XML API OPERATIONAL
- Juniper IDP OS 5.1R1
- Juniper JUNOS SOFTWARE 10.2 - SOFTWARE INSTALLATION AND UPGRADE GUIDE 4-28-2010
- Juniper OCX1100
- Juniper ADVANCED INSIGHT SCRIPTS 2.5 - S REV 1