Chapter 7
| Authentication Commands
802.1X Port Authentication
◆
Authenticator Parameters – Shows whether or not EAPOL pass-through is
enabled
(page
220).
◆
Supplicant Parameters – Shows the supplicant user name used when the switch
responds to an MD5 challenge from an authenticator
◆
802.1X Port Summary – Displays the port access control parameters for each
interface that has enabled 802.1X, including the following items:
Type – Administrative state for port access control (Enabled, Authenticator,
■
or Supplicant).
Operation Mode–Allows single or multiple hosts
■
Control Mode – Dot1x port control mode
■
Authorized– Authorization status (yes or n/a - not authorized).
■
◆
802.1X Port Details – Displays the port access control parameters for each
interface, including the following items:
Reauthentication – Periodic re-authentication
■
■
Reauth Period – Time after which a connected client must be re-
authenticated
(page
Quiet Period – Time a port waits after Max Request Count is exceeded
■
before attempting to acquire a new client
TX Period – Time a port waits during authentication session before re-
■
transmitting EAP packet
Supplicant Timeout – Supplicant timeout.
■
Server Timeout – Server timeout. A RADIUS server must be set before the
■
correct operational value of 10 seconds will be displayed in this field.
Reauth Max Retries – Maximum number of reauthentication attempts.
■
Max Request – Maximum number of times a port will retransmit an EAP
■
request/identity packet to the client before it times out the authentication
session
(page
222).
Operation Mode– Shows if single or multiple hosts (clients) can connect to
■
an 802.1X-authorized port.
■
Port Control–Shows the dot1x mode on a port as auto, force-authorized, or
force-unauthorized
Intrusion Action– Shows the port response to intrusion when
■
authentication fails
Supplicant– MAC address of authorized client.
■
◆
Authenticator PAE State Machine
State – Current state (including initialize, disconnected, connecting,
■
authenticating, authenticated, aborting, held, force_authorized,
force_unauthorized).
Reauth Count– Number of times connecting state is re-entered.
■
Current Identifier– The integer (0-255) used by the Authenticator to identify
■
the current authentication session.
225).
(page
227).
(page
224).
(page
221).
– 232 –
(page
228).
(page
223).
(page
224).
(page
224).
(page
225).