Displaying the status of strict security mode – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 208

Advertising
background image

Syntax: show dot1x mac-address-filter [ all | ethernet port ]

The all keyword displays all dynamically applied MAC address filters active on the device.

To display the dynamically applied IP ACLs active on an interface, enter a command such as the
following.

device#show dot1x ip-ACL e

1/3

Port 1/3 IP ACL information:

802.1X dynamic IP ACL (user defined) in:

ip access-list extended Port_1/3_E_IN in

Port default IP ACL in:

No inbound ip access-list is set

802.1X dynamic IP ACL (user defined) out:

ip access-list extended Port_1/3_E_OUT out

Port default IP ACL out:

No outbound ip access-list is set

Syntax: show dot1x ip-ACL [ all | ethernet port ]

The all keyword displays all dynamically applied IP ACLs active on the device.

Displaying the status of strict security mode

The output of the show dot1x and show dot1x config commands indicate whether strict security
mode is enabled or disabled globally and on an interface.

Displaying the status of strict security mode globally on the device

To display the status of strict security mode globally on the device, enter the show dot1x command.

Brocade#show dot1x

PAE Capability : Authenticator Only

system-auth-control : Enable

re-authentication : Disable

global-filter-strict-security : Enable

quiet-period : 60 Seconds

tx-period : 30 Seconds

supptimeout : 30 Seconds

servertimeout : 30 Seconds

maxreq : 2

reAuthMax : 2

re-authperiod : 3600 Seconds

Protocol Version : 1

Syntax: show dot1x

Displaying the status of strict security mode on an interface

To display the status of strict security mode on an interface, enter a command such as the following

Brocade#show dot1x configuration ethernet 4/1/12

Port-Control : control-auto

filter strict security : Enable

Action on RADIUS timeout : Restart authentication

Authentication-fail-action : Restricted VLAN(299)

PVID State : Normal (1)

Original PVID : 1

Authorized PVID ref count : 2

Restricted PVID ref count : 0

Radius assign PVID ref count : 0

num mac sessions : 2

num mac authorized : 2

num Dynamic Tagged Vlan : 0

Number of Auth filter : 0

Displaying the status of strict security mode

208

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03

Advertising
Popular Brands
Popular manuals