Cisco IOS Software router

On a Cisco router running Cisco IOS Software, these commands are useful for debugging:

show eou                      Shows eou (EAPoverUDP) settings including polling cycle timeouts.

show eou all                  Shows current eou cache data.

eou logging                   Turns on eou logging output.

eou reval ip xx.xx.xx.xx      Forces immediate revalidation of client with IP address xx.xx.xx.xx.

clear ip admission cache *    Clears the IP admission cache for all clients (forced revalidation of all clients).

Cisco IOS Software switch

For Cisco switches configured for IP-based NAC, the commands listed in the preceding section apply to both a router and a switch. For 802.1x-based NAC a useful command is the following. (NAC values are in bold at the bottom of the output.)

show dot1x interface (interface) details

Dot1x Info for FastEthernet1/0/10
-----------------------------------
PAE                       = AUTHENTICATOR
PortControl               = AUTO
ControlDirection          = Both
HostMode                  = SINGLE_HOST
ReAuthentication          = Enabled
QuietPeriod               = 60
ServerTimeout             = 30
SuppTimeout               = 30
ReAuthPeriod              = (From Authentication Server)
ReAuthMax                 = 2
MaxReq                    = 2
TxPeriod                  = 30
RateLimitPeriod           = 0

Dot1x Authenticator Client List
-------------------------------
Supplicant                = 000c.2929.25cd
Auth SM State             = AUTHENTICATED
Auth BEND SM Stat         = IDLE
Port Status               = AUTHORIZED
ReAuthPeriod              = 60
ReAuthAction              = Reauthenticate
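
The following is an added example, not part of the original manual: a Python parser for the show dot1x interface details output above that reports any field differing from the healthy port shown on this page. The function names and the choice of baseline fields are assumptions made for illustration; the sample text is constructed from the output printed above.

```python
import re

# Constructed sample: a shortened copy of the output shown on this page.
SAMPLE = """\
Dot1x Info for FastEthernet1/0/10
-----------------------------------
PortControl               = AUTO
ReAuthentication          = Enabled
ReAuthPeriod              = (From Authentication Server)

Dot1x Authenticator Client List
-------------------------------
Supplicant                = 000c.2929.25cd
Auth SM State             = AUTHENTICATED
Port Status               = AUTHORIZED
ReAuthPeriod              = 60
ReAuthAction              = Reauthenticate
"""

# Assumed baseline: the values of the healthy port on this page.
EXPECTED = {
    ("port", "PortControl"): "AUTO",
    ("port", "ReAuthentication"): "Enabled",
    ("client", "Auth SM State"): "AUTHENTICATED",
    ("client", "Port Status"): "AUTHORIZED",
}

def parse_dot1x(text):
    """Split the output into interface name, port settings and client fields."""
    result = {"interface": None, "port": {}, "client": {}}
    section = "port"
    for line in map(str.strip, text.splitlines()):
        header = re.match(r"Dot1x Info for (\S+)", line)
        if header:
            result["interface"] = header.group(1)
        elif line.startswith("Dot1x Authenticator Client List"):
            section = "client"  # ReAuthPeriod appears in both sections
        elif "=" in line:
            key, _, value = line.partition("=")
            result[section][key.strip()] = value.strip()
    return result

def audit(parsed):
    """Return one finding per field that is missing or differs from EXPECTED."""
    return [
        f"{parsed['interface']}: {key} is {parsed[section].get(key)!r}, expected {want!r}"
        for (section, key), want in EXPECTED.items()
        if parsed[section].get(key) != want
    ]
```

Calling audit(parse_dot1x(output)) on captured switch output returns an empty list when the port matches the baseline, and one message per deviating field otherwise.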

452 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
