Configuring Port-Based and User-Based Access Control (802.1X)

Displaying 802.1X Configuration, Statistics, and Counters

Syntax: show port-access authenticator [port-list]

[config statistics session-counters vlan clients clients detailed

Untagged VLAN: VLAN ID number of the untagged VLAN used in client sessions. If the switch supports MAC-based (untagged) VLANs, MACbased is displayed to show that multiple untagged VLANs are configured for authentication sessions.

Tagged VLANs: Are tagged VLANs (statically configured or RADIUS-assigned) used for authenticated clients?

Yes or NoPort COS:

Yes - Client-specific CoS (Class of Service) values are applied to more than one authenticated client on the port. No - No client-specific CoS values are applied to any authenticated client on the port.

<cos-value>- Numerical value of the CoS (802.1p priority) applied to inbound traffic from one authenticated client. For client-specific per-port CoS values, enter the show port-accessweb-based clients detailed command.

% In Limit:

Yes - Per-port rate-limiting is applied to inbound traffic from more than one authenticated client.

No - Per-port rate-limiting is not applied to any authenticated client session. <rate-limit-value>- Percentage value of a port’s bandwidth applied as a rate limit to one authenticated client.

Information on ports not enabled for 802.1X port-access authentication is not displayed.

ProCurve(config)# show port-access authenticator

Port Access Authenticator Status

Port-access authenticator activated [No] : Yes

 

Allow RADIUS-assigned

dynamic (GVRP) VLANs [No] : Yes

 

Auth

Unauth

Untagged

Tagged

Port

Cntrl

Port

Clients

Clients

VLAN

VLANs

COS

Dir

----

-------

--------

+ --------

------

-------- -----

1

1

1

4006

Yes

70000000

 

2

2

0

MACbased

No

Yes

 

3

4

0

1

Yes

No

 

...

 

 

 

 

 

 

10-52