Dot1x re-authentication

802.1x Commands

The dot1x re-authenticationInterface Configuration mode command enables periodic re-authentication of the client. To return to the default configuration, use the no form of this command.

Syntax

dot1x re-authentication

no dot1x re-authentication

Default Configuration

Periodic re-authentication is disabled.

Command Mode

Interface Configuration (Ethernet)

User Guidelines

There are no user guidelines for this command.

Example

The following example enables periodic re-authentication of the client.

Console(config)# interface ethernet ext.16

Console(config-if)#dot1x re-authentication

dot1x timeout re-authperiod

The dot1x timeout re-authperiodInterface Configuration mode command sets the number of seconds between re-authentication attempts. To return to the default configuration, use the no form of this command.

Syntax

dot1x timeout re-authperiod seconds no dot1x timeout re-authperiod

386Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide

Page 402

Image 402

Intel SBCEGBESW10 CLI manual Dot1x timeout re-authperiod, Dot1x re-authentication No dot1x re-authentication

Contents

Guide for System Administrators of Intel Server Products Disclaimer Consignes de sécurité Important Safety InstructionsWichtige Sicherheitshinweise Instrucciones de seguridad importantesPage About this Manual Manual OrganizationPage Contents ACL Commands Gvrp Commands Line Commands 141 QoS Commands Radius Commands 215 Spanning-Tree Commands System Management Commands 321 Vlan Commands Appendix a Getting Help 405 Using CLI Overview Privileged Exec Mode Command in the Global Configuration mode Interface Configuration and Specific Configuration Modes Starting the CLI Negating the Effect of Commands Nomenclature CLI Command Conventions Using CLI AAA Commands Aaa authentication loginGlobal Configuration mode Aaa authentication enable Following example configures the authentication login Login authentication Consoleconfig# aaa authentication enable default enable Enable authentication Line Configuration modeConsoleconfig-line#login authentication default Ip http authentication There are no user guidelines for this commandConsoleconfig-line#enable authentication default Ip https authentication Following example configures the Http authentication Show authentication methods Following example configures Https authenticationShow authentication methods Privileged Exec mode PasswordThis command has no default configuration Following example displays the authentication configuration Enable password No password is defined Username No enable password is definedConsoleconfig# enable password secret level No user is defined User account can be created without a password AAA Commands Address Table Commands Bridge address Interface Configuration Vlan mode Bridge multicast filtering Folowing example, bridge multicast filtering is enabledConsoleconfig# bridge multicast filtering Bridge multicast filtering No bridge multicast filtering Bridge multicast address No multicast addresses are defined Bridge multicast forbidden address Following example registers the MAC addressNo forbidden addresses are defined This setting is disabled Command Mode Bridge multicast forward-all This setting is disabled Bridge multicast forbidden forward-allThis example, all multicast packets on port 1 are forwarded Bridge aging-time seconds No bridge aging-time Default setting is 300 secondsBridge aging-time Seconds Time in seconds. Range 10-630 seconds Clear bridge Clear bridgePort security Following example, the bridge tables are cleared Port security mode lock mac-addresses No port security mode Port security modeInterface Configuration Ethernet, port-channel mode Consoleconfig-if#port security forward trap Consoleconfig-if#port security mode mac-addresses Port security routed secure-addressMac-address a valid MAC address Show bridge address-table No addresses are defined Show bridge address-table static Console# show bridge address-table Show bridge address-table count Vlan Specifies a valid VLAN, such as VlanConsole# show bridge address-table static Show bridge multicast address-table Console# show bridge address-table count Console# show bridge multicast address-table Show bridge multicast filtering Show bridge multicast filtering vlan-idConsole# show bridge multicast address-table format ip Show ports security Console# show bridge multicast filtering Show ports security addresses Following table describes the fields shown aboveConsole# show ports security Console# show ports security addresses Address Table Commands ACL Commands Ip access-listIp access-list name No ip access-list name Permit ip IP Protocol Abbreviated Name Protocol Number ACL Commands No IPv4 ACL is defined IP-Access List Configuration modeDeny IP Deny-icmp Deny-igmp Deny-tcp deny-udp Mac access-list Following example shows how to create a MAC ACL Mac access-list name No mac access-list nameDefault for all ACLs is deny all Permit MAC MAC-Access List Configuration mode Deny MACNo MAC ACL is defined This command has no default configuration Service-acl input acl-name No service-acl input Service-aclShow access-lists Show access-lists name Console# show access-lists Show interfaces access-listsFollowing example displays access lists defined on a device Name The name of the ACL Console# show interfaces access-lists Clock Commands Clock set Sntp Sntp servers Clock sourceClock timezone No external clock source Clock summer-time No clock timezoneClock set to UTC No clock summer-time recurring Sntp authentication-key No authentication key is defined Sntp authenticate Sntp authenticate no sntp authenticate Sntp trusted-key Sntp client poll timerFollowing example authenticates key Sntp trusted-key key-number No sntp trusted-key key-number Sntp broadcast client is disabled Sntp broadcast client enableSntp client poll timer seconds No sntp client poll timer Seconds Polling interval in seconds. Range Sntp anycast client enable No sntp anycast client enable Sntp anycast client enableFollowing example enables the Sntp broadcast clients Sntp anycast client is disabled Sntp client is disabled on an interface Sntp client enable InterfaceFollowing example enables Sntp anycast clients Interface Configuration Ethernet, port-channel, Vlan mode Sntp unicast client is disabled Sntp unicast client enableSntp unicast client enable No sntp unicast client enable Sntp unicast client poll Sntp server Polling is disabledConsoleconfig# sntp unicast client poll No sntp server host Detail Shows timezone and summertime configuration Show clockShow clock detail Show sntp configuration Show sntp configurationConsole# show clock Console# show sntp configuration Show sntp statusShow sntp status Following example shows the status of the Sntp Console# show sntp status Configuration and Image File Commands Copy Copying a Boot File from a Server to Flash Memory Copying an Image File from a Server to Flash Memory Storing the Running or Startup Configuration on a Server DeleteDelete url Boot system Boot system image-1 image-2Sys, *.prv, image-1 and image-2 files cannot be deleted Show running-config Show running-configConsole# boot system image-1 Show startup-config Show startup-configConsole# show running-config Show backup-config Show backup-configConsole# show startup-config Show bootvar Show bootvarConsole# show backup-config Console# show bootvar Configuration and Image File Commands Interface range ethernet Ethernet Configuration CommandsInterface ethernet Interface ethernet interface Shutdown Interface range ethernet port-listallShutdown No shutdown Description Description string No description Speed 10 100 No speed SpeedFollowing example adds a description to Ethernet port Maximum port capability Duplex half full No duplex Interface Configuration Ethernet modeDuplex Interface is set to full duplex Consoleconfig# interface ethernet ext.1 NegotiationNo negotiation Flowcontrol Flowcontrol auto on off No flowcontrol Mdix Default setting is onFollowing example, automatic crossover is enabled on port Mdix on auto No mdix Back-pressure No back-pressure Back-pressurePort jumbo-frame Port jumbo-frame No port jumbo-frame Following example, jumbo frames are enabled on the device Jumbo frames are disabled on the deviceGlobal Configuration Clear counters Following example reactivates interface Set interface activeFollowing example, the counters for interface 1 are cleared Console# clear counters ethernet ext.2 Show interfaces advertise Following example displays auto-negotiation informationConsole# show interfaces advertise Show interfaces configuration Console# show interfaces configuration Show interfaces status Show interfaces description Show interfaces counters Interface a valid Ethernet port. Full syntax unit/portConsole# show interfaces description Console# show interfaces counters Following example displays counters for Ethernet port Following table describes the fields shown in the displayConsole# show interfaces counters ethernet ext.1 Show ports jumbo-frame This command is relevant to Giga devices onlyShow ports jumbo-frame Console# show port jumbo-frame Port storm-control include-multicast IC Following example enables counting multicast packetsPort storm-control include-multicast GC Multicast packets are not counted Port storm-control broadcast enable Broadcast storm control is disabled Default storm control broadcast rate is 3500 Kbits/Sec Port storm-control broadcast rate Show ports storm-control interface Following example displays the storm control configurationShow ports storm-control Console# show ports storm-control Disabled 3500 Broadcast Gvrp enable Interface Gvrp CommandsGvrp enable Global Gvrp enable No gvrp enable Following example enables Gvrp on Ethernet port Garp timerGvrp is disabled on all interfaces Garp timer join leave leaveall timervalue No garp timer Consoleconfig# interface ethernet ext.6 Gvrp vlan-creation-forbidGvrp vlan-creation-forbid No gvrp vlan-creation-forbid Gvrp registration-forbid No gvrp registration-forbid Dynamic Vlan creation or modification is enabledGvrp registration-forbid Dynamic registration of VLANs on the port is allowed Clear gvrp statistics Console# clear gvrp statistics ethernet ext.1 Following example displays Gvrp configuration information Show gvrp configurationPrivieged Exec mode Console# show gvrp configuration Show gvrp statistics Following example shows Gvrp statistical informationConsole# show gvrp statistics Show gvrp error-statistics Console# show gvrp error-statisticsFollowing example displays Gvrp statistical information Ip igmp snooping Interface Igmp Snooping CommandsIp igmp snooping Global Ip igmp snooping No ip igmp snooping Following example enables Igmp snooping on Vlan Automatic learning of multicast device ports is enabledIp igmp snooping mrouter learn-pim-dvmrp Consoleconfig-if#ip igmp snooping mrouter learn-pim-dvmrp Time-out- Specifies the host timeout in seconds. RangeDefault host-time-out is 260 seconds Ip igmp snooping host-time-out Default value is 300 seconds Consoleconfig-if#ip igmp snooping host-time-outIp igmp snooping mrouter-time-out Default leave-time-out configuration is 10 seconds Consoleconfig-if#ip igmp snooping mrouter-time-outIp igmp snooping leave-time-out Show ip igmp snooping mrouter interface vlan-id Consoleconfig-if#ip igmp snooping leave-time-outShow ip igmp snooping mrouter Vlan-id Specifies the Vlan number Show ip igmp snooping interface Show ip igmp snooping interface vlan-id Show ip igmp snooping groups Console# show ip igmp snooping interface Console# show ip igmp snooping groups Igmp Snooping Commands Ip address IP Address CommandsInterface Configuration Ethernet, VLAN, port-channel mode Ip address ip-address mask prefix-length Ip address dhcp Ip address dhcp hostname host-name No ip address dhcp Ip default-gateway Ip default-gateway ip-address No ip default-gatewayNo default gateway is defined This command is only operational in Switch mode Following example defines default gatewayShow ip interface Arp Console# show ip interface Arp timeout Arp timeout seconds No arp timeoutDefault timeout is 60000 seconds Clear arp-cache Clear arp-cacheShow arp Console# clear arp-cache Following example displays entries in the ARP table Ip domain-lookupShow arp Ip domain-lookup No ip domain-lookup Default domain name is not defined Ip domain-nameIp domain-name name No ip domain-name No name server addresses are specified Ip name-serverServer-address- Specifies IP addresses of the name server Following example sets the available name server No ip host name Ip hostClear host No host is defined Clear host dhcp Clear host dhcp nameConsole# clear host Name Specifies the host name. Range 1-158 characters Show hostsShow hosts name Console# clear host dhcp Following example displays host information Console# show hosts Lacp port-priority Lacp CommandsLacp system-priority Lacp system-priority value No lacp system-priority Lacp timeout Lacp timeout long short no lacp timeoutLacp port-priority value No lacp port-priority Short Specifies the short timeout value Default port timeout value is longShow lacp ethernet Following example display Lacp information for Ethernet port Console# show lacp ethernet ext.1 Show lacp port-channel Show lacp port-channel portchannelnumber Portchannelnumber Valid port-channel numberConsole# show lacp port-channel Line Line CommandsThis command has no user guidelines Show line Exec mode Show line telnet ssh Line Commands Line Commands Management access-list name No management access-list name Management ACL CommandsManagement access-list Name Access list name. Range 1-32 characters Consoleconfig# management access-list mlist Consoleconfig# management access-class mlist If no permit rule is defined, the default is set to deny Management Access-list Configuration mode Deny Management Management access-class Show management access-list name Following example displays the mlist management access list Show management access-class Console# show management access-class Management ACL Commands Test copper-port tdr interface PHY Diagnostics CommandsTest copper-port tdr Console# test copper-port tdr ext.3 Show copper-ports tdr interface User Exec modeShow copper-ports tdr Maximum length of the cable for the TDR test is 120 meters Show copper-ports cable-length interface Port must be active and working in 100M or 1000M modeShow copper-ports cable-length Console show copper-ports cable-length PHY Diagnostics Commands Interface port-channel Port Channel CommandsConsoleconfig# interface port-channel Interface port-channel port-channel-number Channel-group Consoleconfig# interface range port-channel 1-2,6Interface range port-channel Interface range port-channel port-channel-rangeall Show interfaces port-channel Port is not assigned to a port-channelShow interfaces port-channel port-channel-number Following example displays information on all port-channels Console# show interfaces port-channel Port Monitor Commands Monitors both received and transmitted packets Port monitor vlan-tagging No port monitor vlan-tagging Console config-if#port monitor vlan-taggingPort monitor vlan-tagging Ingress mirrored packets are transmitted untagged Show ports monitor Show ports monitorConsole show ports monitor Port Monitor Commands QoS basic mode is enabled QoS CommandsQos basic advanced service No qos Following example enables QoS on the device Show qos aggregate-policer Trust mode is displayed if QoS is enabled in basic modeShow qos Show qos Show qos interface There are no user guidelinesConsole# show qos aggregate-policer policer1 There is no default configuration for this command Console# show qos interface ethernet 1 buffers Show qos map dscp-queue Show qos map User Exec mode command displays all QoS mapsShow qos map Dscp-queue- Indicates the Dscp to queue map Class-map class-map-namematch-all match-any Class-mapFollowing example displays the Dscp port-queue map Console show qos map By default, the match-allparameter is selected Show class-mapShow class-map class-map-name Following example shows the class map for class1 Match access-group acl-name No match access-group acl-nameMatch Acl-name- Specifies the name of an IP or MAC ACL Class-map Configuration mode Policy-mapPolicy-map-name- Specifies the name of the policy map Class No policy map is defined Policy-map Configuration mode Show policy-mapUser Exec command displays the policy mapsShow policy-map Following example displays all policy maps Policy-map Class Configuration modeTrust cos-dscp Trust cos-dscp No trust cos-dscp Set No set Police No police Service-policy Service-policy input policy-map-name No service-policy input Qos aggregate-policer No qos aggregate-policerNo aggregate policer is define Exceed-action drop Police aggregate Console show qos aggregate-policer policer1 Wrr-queue cos-map No wrr-queue cos-map queue-id Wrr-queue bandwidth Following example maps CoS 7 to queueNo wrr-queue bandwidth Priority-queue out num-of-queues Priority-queue out num-of-queues number-of-queues No priority-queue out num-of-queues Consoleconfig# priority-queue out num-of-queuesTraffic-shape All queues are expedite queues No shape is defined Ethernet Notify Q depth Qid Size 125 Qos wrr-queue threshold No qos wrr-queue threshold tengigabitethernet queue-id Console config# qos wrr-queue threshold gigabitethernet 1Qos map policed-dscp Percent for all thresholds Consoleconfig# qos map policed-dscp 3 to Qos map dscp-queueDscp values 3,11,19… cannot be remapped to other values Following example maps Dscp values 33, 40 and 41 to queue Following table describes the default mapQos trust Global Qos trust cos dscp no qos trust CoS is the default trust mode Qos trust InterfaceQos trust No qos trust Default CoS value of a port is Qos cosNo qos cos Following example configures port 15 default CoS value to Qos dscp-mutationQos dscp-mutation No qos dscp-mutation Qos map dscp-mutation QoS Commands QoS Commands Rmon Commands Show rmon statisticsConsole# show rmon statistics ethernet ext.1 Rmon Commands Rmon collection history Cannot be configured for a range of interfaces Range context Show rmon collection history Show rmon history Console# show rmon collection history Console# show rmon history 1 errors Console# show rmon history 1 throughput Console# show rmon history 1 other Rmon alarm No rmon alarm index Type is absolute Startup direction is rising-falling Following example displays the alarms table Show rmon alarm-tableShow rmon alarm-table Console# show rmon alarm-table Number Specifies the alarm index. Range Show rmon alarmShow rmon alarm number Following example displays Rmon 1 alarms Rmon event Last Sample Value Show rmon events Show rmon events Show rmon log event Show rmon logFollowing example displays the Rmon event table Event Specifies the event index. Range Following example displays the Rmon log table Console# show rmon log Consoleconfig# rmon table-size history Rmon table-sizeHistory table size is Log table size is No radius-server host ip-addresshostname Radius CommandsRadius-server host No Radius server host is specified Radius-server key Radius-server key key-string No radius-server key Radius-server retransmit Key-string is an empty stringSoftware searches the list of Radius server hosts 3 times Consoleconfig# radius-server retransmit Radius-server source-ipSource Specifies a valid source IP address Radius-server timeout Timeout value is 3 secondsConsoleconfig# radius-server timeout Radius-server deadtime Deadtime setting isConsoleconfig# radius-server deadtime Show radius-servers Following example displays Radius server settings Show radius-serversConsole# show radius-servers Radius Commands Ip http port Web Server CommandsIp http server Ip http server No ip http server Ip http exec-timeout No ip http portIp http exec-timout minutes seconds no ip http exec-timout Ip https server Default timout is 10 minutesDisabled Ip https server No ip https server Ip https port Ip https exec-timeoutFollowing example configures the https port number to Ip https port port-number No ip https port Crypto certificate generate No ip https exec-timout Consoleconfig# crypto certificate 1 generate key-generate Crypto certificate requestFollowing example regenerates an Https certificate There is no default configuration for this command Number Specifies the certificate number. Range Crypto certificate importCrypto certificate number import Console# crypto certificate 1 request Consoleconfig# crypto certificate 1 import Ip https certificateIp https certificate number No ip https certificate Certificate number Consoleconfig# ip https certificateShow crypto certificate mycertificate Show crypto certificate mycertificate number Show ip http Show ip httpFollowing example displays the certificate Console# show crypto certificate mycertificate Show ip https Following example displays the Http server configurationShow ip https Console# show ip http Web Server Commands Web Server Commands Snmp Commands Snmp-server communityNo communities are defined Snmp-server view Snmp-server group No view entry exists No snmp-server group groupname v1 v2 v3 noauth auth priv No group entry exists Snmp-server user No snmp-server user username remote engineid-string Snmp-server engineID local Parameters Snmp traps are enabled Snmp-server enable trapsSnmp-server enable traps No snmp-server enable traps Following example enables Snmp traps Snmp-server filter No filter entry exists Snmp-server host Snmp-server v3-host Snmp-server trap authentication Following example configures an SNMPv3 hostSnmp-server trap authentication Following example enables Snmp failed authentication traps No snmp-server trap authenticationSnmp failed authentication traps are enabled Snmp-server contact Snmp-server location IntelTechnicalSupportSnmp-server location text No snmp-server location Snmp-server set Following example defines the device location as NewYork Show snmp Show snmpFollowing example displays the Snmp communications status Show snmp engineid Show snmp engineID Show snmp views viewname Show snmp viewsFollowing example displays the Snmp engine ID Viewname Specifies the name of the view. Range Show snmp groups groupname Following example displays the configuration of viewsShow snmp groups Groupname-Specifies the name of the group. Range Show snmp filters filtername Show snmp filtersFollowing table describes significant fields shown above Filtername-Specifies the name of the filter. Range Show snmp users username Following example displays the configuration of filtersShow snmp users Username-Specifies the name of the user. Range Console# show snmp users Spanning-tree mode stp rstpmstp Spanning-Tree CommandsSpanning-tree mode Spanning-tree Consoleconfig# spanning-tree mode rstp No spanning-tree modeSTP is enabled Spanning-tree forward-time Consoleconfig# spanning-tree forward-time Seconds Time in seconds. Range Consoleconfig# spanning-tree hello-time Spanning-tree max-ageSpanning-tree max-age seconds No spanning-tree max-age Forward-Time 1 = Max-Age Max-Age = 2*Hello-Time + Following example configures spanning tree priority toSpanning-tree priority Spanning-tree priority priority No spanning-tree priority Spanning-tree cost Spanning-tree disableSpanning-tree disable No spanning-tree disable Spanning-tree cost cost No spanning-tree cost Spanning-tree port-priority Cost Path cost of the port Range 1-200,000,000 Consoleconfig-if#spanning-tree port-priority Default port priority for Ieee Spanning TreeProtocol STP isPortFast mode is disabled Spanning-tree portfast Following example enables PortFast on Ethernet port Consoleconfig-if#spanning-tree portfastSpanning-tree link-type Consoleconfig-if#spanning-tree link-type shared Spanning-tree pathcost methodShort path cost method Spanning-tree bpdu Following example sets the default path cost method to longDefault setting is flooding Spanning-tree bpdu filtering flooding No spanning-tree bpdu Clear spanning-tree detected-protocols Spanning-tree mst prioritySpanning-tree mst instance-idpriority priority Console config # spanning-tree mst 1 priority Spanning-tree mst max-hopsNo spanning-tree mst instance-idpriority Default number of hops is Console config # spanning-tree mst max-hopsSpanning-tree mst port-priority Consoleconfig-if#spanning-tree mst 1 port-priority Spanning-tree mst cost Following example configures an MST region Spanning-tree mst configurationSpanning-tree mst configuration Consoleconfig# spanning-tree mst configuration Instance instance-idadd remove vlan vlan-range MST Configuration modeInstance mst Following example maps VLANs 10-20 to MST instance Name mst Default name is a radlanguestFollowing example defines the configuration name as region1 Revision mst Following example sets the configuration revision to Value Configuration revision number RangeDefault configuration revision number is Show mst Exit mst Exit Abort mst Spanning-tree guard rootAbort Spanning-tree guard root No spanning-tree guard root Root guard is disabledShow spanning-tree Interface -number- a valid Ethernet port Following example displays spanning-tree information Console# show spanning-tree FWD Console# show spanning-tree active Console# show spanning-tree blockedports Console# show spanning-tree detail Port 3 disabled State N/A Role N/A Port id Console# show spanning-tree mst-configuration Console# show spanning-tree ethernet ext.1 Rstp Times hold 1, topology change 35, notification Designated port id Designated path cost Port Enabled State Forwarding Role Boundary Port id This switch is root for CST and IST master Hello Time 2 sec Max Age 20 sec Spanning-Tree Commands Ip ssh server SSH CommandsIp ssh port Ip ssh port port-number No ip ssh port Device configuration from a SSH server is disabled Crypto key generate dsaDSA key pairs do not exist Following example generates DSA key pairs Consoleconfig# crypto key generate dsaCrypto key generate rsa Crypto key generate rsa Following example generates RSA key pairs AAA authentication is independentIp ssh pubkey-auth Ip ssh pubkey-auth No ip ssh pubkey-auth Crypto key pubkey-chain ssh No keys are specified User-key SSH Public Key-string Configuration modeConsoleconfig# crypt\o key pubkey-chain ssh No SSH public keys exist Key-string Consoleconfig# crypto key pubkey-chain ssh Show ip sshShow ip ssh Show crypto key mypubkey rsa dsa Following example displays the SSH server configurationShow crypto key mypubkey Rsa Indicates the RSA key Dsa Indicates the DSA key Show crypto key pubkey-chain ssh Console# show crypto key mypubkey rsa Console# show crypto key pubkey-chain ssh Console# show crypto key pubkey-chain ssh username bob SSH Commands Following example enables logging error messages Syslog CommandsLogging is enabled Logging on Logging Logging buffered Default severity level is informationalConsoleconfig# logging buffered debugging Logging buffered level No logging buffered Consoleconfig# logging buffered size Default number of messages isThis command takes effect only after Reset Logging buffered size Clear logging Default severity level is errorsLogging file Logging file level No logging file Clear logging file Consoleconfig# logging file alertsClear logging file Following example clears messages from the logging file File-system logging Aaa logging login no aaa logging loginAaa logging File-system logging copy Management logging Logging file system events is enabledConsoleconfig# file-system logging copy Management logging deny No management logging deny Show logging Logging management ACL events is enabledConsoleconfig# management logging deny Show logging Console# show logging AAA Show logging file Show logging fileConsole# show logging file Show syslog-servers Show syslog-servers Console# show syslog-servers Syslog Commands System Management Commands Ping Traceroute Following example displays pinging results Syntax Probe timed out Default port is the Telnet port decimal23 on the host Telnet Special Telnet Sequences Keywords Table Ports Table Reload Following command switches to open Telnet session numberResume Connection The connection number. Range 1-4 connections Following example reloads the operating system HostnameReload Hostname name No hostname Show users Show usersFollowing example specifies the device host name Console show users Following example lists open Telnet sessions Show sessionsShow sessions Console show sessions Show system Show systemConsole# show system Show system id unit unit Privilaged Exec modeShow system id Unit unit Unit number Show system flowcontrol Show system flowcontrolConsole show system id Priviledged Exec mode Show system modeShow system mode Following example displays information on features control Show version Service cpu-utilizationService cpu-utilization No service cpu-utilization Console show version Show cpu utilization This example enables measuring CPU utilizationConsoleconfig# service cpu-utilization Show cpu utilization Console# show cpu utilization TACACS+ Commands Tacacs-server hostNo tacacs-server host ip-addresshostname Tacacs-server key key-string No tacacs-server key Tacacs-server keyFollowing example specifies a TACACS+ host Empty string Following example sets the timeout value to Tacacs-server timeoutFollowing example sets the authentication encryption key Consoleconfig# tacacs-server timeout Source Specifies the source IP address Tacacs-server source-ipShow tacacs Following example specifies the source IP address Ip-address Name or IP address of the TACACS+ server Console# show tacacs TACACS+ Commands User Interface Commands EnableDisable Login User Exec mode command changes a login username LoginFollowing example return to Users Exec mode Login Configure ConfigureFollowing example enters Global Configuration mode Exit Configuration All configuration modesExit Following example closes an active terminal session EndPrivileged and User Exec modes End Terminal datadump All command modesHelp Help Terminal datadump No terminal datadump Dumping is disabledShow history Show history Console# show version Show privilegeShow privilege Console# show history Command The command to be executed Console# show privilege Console Config# do show vlan Vlan database Vlan CommandsFollowing example enters the Vlan database mode Vlan Following example Vlan number 1972 is created Vlan Configuration modeInterface vlan Interface vlan vlan-id Interface range vlan Interface range vlan vlan-rangeallAll All existing static VLANs No name is defined NameNo name Following example gives Vlan number 19 the name Marketing Switchport protected Switchport protected is disabledConsoleconfig-if#switchport protected ethernet ext.1 Switchport mode Switchport access vlanSwitchport mode access trunk general No switchport mode Switchport trunk allowed vlan Switchport trunk allowed vlan add vlan-listremove vlan-listAll ports belong to Vlan Switchport trunk native vlan Vlan-id- Specifies the ID of the native Vlan Switchport general allowed vlan VID=1 Switchport general pvid Vlan-id- Specifies the Pvid Port Vlan ID Switchport general ingress-filtering disable Ingress filtering is enabled Switchport forbidden vlan add vlan-listremove vlan-list Switchport general acceptable-frame-type tagged-onlySwitchport forbidden vlan All frame types are accepted at ingress Ip internal-usage-vlan vlan-id No ip internal-usage-vlan Ip internal-usage-vlanAll VLANs are allowed Vlan-id- Specifies the ID of the internal usage Vlan Show vlan id vlan-idname vlan-name Consoleconfig-if#ip internal-usage-vlanShow vlan Vlan-id- specifies a Vlan ID Show vlan internal usage Following example displays all Vlan informationShow vlan internal usage Show interfaces switchport Console# show vlan internal usage Console# show interface switchport ethernet ext.1 VLAN011 Pvid Map protocol protocols-group Map protocol protocol encapsulation protocols-group group Following protocol names are reserved Switchport general map protocols-group vlanVlan Database mode Following example maps protocol ip-arp to the group named Map mac macs-group Switchport general map macs-group vlan Console config-if#switchport general map macs-group 1 vlan Switchport general map subnets-group vlan Map subnet subnets-group Show vlan protocols-groups Show vlan macs-groups Console# show vlan protocols-groups Show vlan subnets-groups Following example shows subnets-groups information Vlan Commands No authentication method is defined 29 802.1x CommandsAaa authentication dot1x Method1 method2... At least one from the following table Dot1x system-auth-control 802.1x is disabled globallyFollowing example enables 802.1x globally Dot1x port-control Interface Configuration Ethernet Consoleconfig-if#dot1x port-control autoPort is in the force-authorized state Dot1x re-authentication No dot1x re-authentication Dot1x re-authenticationDot1x timeout re-authperiod Periodic re-authentication is disabled Dot1x re-authenticate ethernet interface Dot1x re-authenticateRe-authentication period is 3600 seconds Consoleconfig-if#dot1x timeout re-authperiod Dot1x timeout quiet-period Console# dot1x re-authenticate ethernet ext.16Quiet period is 60 seconds Timeout period is 30 seconds Dot1x timeout tx-periodDot1x timeout tx-period seconds No dot1x timeout tx-period Consoleconfig-if#dot1x timeout quiet-period Default number of times is Dot1x max-reqDot1x max-req count No dot1x max-req Dot1x timeout supp-timeout Default timeout period is 30 seconds Dot1x timeout server-timeout Consoleconfig-if# dot1x timeout supp-timeoutConsoleconfig-if#dot1x timeout server-timeout Show dot1x Show dot1x ethernet interfaceConsole# show dot1x Console# show dot1x ethernet ext.3 Show dot1x users Show dot1x users username usernameUsername Supplicant username Range 1-160 characters Following example displays 802.1x users Console# show dot1x usersConsole# show dot1x users username Bob Show dot1x statistics Show dot1x statistics ethernet interfaceConsole# show dot1x statistics ethernet ext.1 Dot1x auth-not-req Dot1x auth-not-req No dot1x auth-not-req Consoleconfig-if# dot1x auth-not-req Access is enabledMultiple hosts are disabled Dot1x multiple-hosts Dot1x single-host-violation No traps are sent Consoleconfig-if#dot1x single-host-violation forward trapDot1x guest-vlan Dot1x guest-vlan No dot1x guest-vlan Dot1x guest-vlan enable Following example defines Vlan 2 as a guest Vlan Show dot1x advanced ethernet interface Consoleconfig-if#dot1x guest-vlan enableShow dot1x advanced Console# show dot1x advanced Console# show dot1x advanced ethernet ext.1 Finland Appendix a Getting HelpWorld Wide Web Telephone Holland Myanmar AustraliaCambodia New Zealand 0800 444 Ecuador PanamaUruguay

Intel SBCEGBESW10 CLI manual Dot1x re-authentication, Dot1x timeout re-authperiod

Models: SBCEGBESW10 CLI SBCEGBESW1

dot1x re-authentication

Syntax

dot1x re-authentication

no dot1x re-authentication

Default Configuration

Periodic re-authentication is disabled.

Command Mode

Interface Configuration (Ethernet)

User Guidelines

There are no user guidelines for this command.

Example

Console(config-if)#dot1x re-authentication

dot1x timeout re-authperiod

Syntax