Fortinet 548B User Manual

- 240 -

Display Message

Port: The interface whose configuration is displayed

Protocol Version: The protocol version associated with this port. The only possible value is 1,
corresponding to the first version of the dot1x specification.

PAE Capabilities: The port access entity (PAE) functionality of this port. Possible values are
Authenticator or Supplicant.

Control Mode - The configured control mode for this port. Possible values are force-unauthorized,
force-authorized, auto and mac-based.

Authenticator PAE State: Current state of the authenticator PAE state machine. Possible values
are Initialize, Disconnected, Connecting, Authenticating, Authenticated, Aborting, Held,
ForceAuthorized, and ForceUnauthorized.

Backend Authentication State: Current state of the backend authentication state machine.
Possible values are Request, Response, Success, Fail, Timeout, Idle, and Initialize.

Quiet Period: The timer used by the authenticator state machine on this port to define periods of
time in which it will not attempt to acquire a supplicant. The value is expressed in seconds and will be
in the range of 0 to 65535.

Transmit Period: The timer used by the authenticator state machine on the specified port to
determine when to send an EAPOL EAP Request/Identity frame to the supplicant. The value is
expressed in seconds and will be in the range of 1 to 65535.

Guest VLAN ID: The guest VLAN identifier configured on the interface.

Guest VLAN Period: The timer used by authenticator state machine on this port.

Supplicant Timeout: The timer used by the authenticator state machine on this port to timeout the
supplicant. The value is expressed in seconds and will be in the range of 1 to 65535.

Server Timeout: The timer used by the authenticator on this port to timeout the authentication
server. The value is expressed in seconds and will be in the range of 1 to 65535.

Maximum Requests: The maximum number of times the authenticator state machine on this port
will retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The value will be in
the range of 1 to 10.

Vlan ID: The VLAN assigned to the port by the radius server.

VLAN Assigned Reason: The reason the VLAN identified in the VLAN-assigned field has been
assigned to the port. Possible values are RADIUS, Unauthenticated VLAN, Guest VLAN, default,
and Not Assigned. When the VLAN Assigned Reason is ‘Not Assigned’t, it means that the port has
not been assigned to any VLAN by dot1x.

Reauthentication Period: The timer used by the authenticator state machine on this port to
determine when reauthentication of the supplicant takes place. The value is expressed in seconds
and will be in the range of 1 to 65535.

Reauthentication Enabled: Indicates if reauthentication is enabled on this port. Possible values are
True or False.

Key Transmission Enabled: Indicates if the key is transmitted to the supplicant for the specified
port. Possible values are True or False.

Control Direction: Indicates the control direction for the specified port or ports. Possible values are
both or in.

Maximum Users - The maximum number of clients that can get authenticated on the port in the
MAC-based dot1x authentication mode.

Unauthenticated VLAN ID - Indicates the unauthenticated VLAN configured for this port.

Session Timeout - Indicates the time for which the given session is valid. The time period in
seconds is returned by the RADIUS server on authentication of the port.