Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual
Page 334
316
Multi-Service IronWare Security Configuration Guide
53-1003035-02
Displaying 802.1x information
8
The following table describes the information displayed by the show dot1x command.
TABLE 49
Output from the show dot1x command
This field...
Displays...
PAE Capability
The Port Access Entity (PAE) role for the device. This is always “Authenticator
Only”.
system-auth-control
Whether system authentication control is enabled on the device. The
dot1x-enable command enables system authentication control on the device.
Number of ports enabled
Number of interfaces on the devices that have been enabled for 802.1x.
re-authentication
Whether periodic re-authentication is enabled on the device. Refer to
“Configuring periodic re-authentication”
.
When periodic re-authentication is enabled, the device automatically
re-authenticates clients every 3,600 seconds by default.
global-filter-strict-security
Whether or not strict security mode is enabled globally.
quiet-period
When the device is unable to authenticate a client, the amount of time the
device waits before trying again (default 60 seconds).
Refer to
for information on how to change this
setting.
tx-period
When a client does not send back an EAP-response or identity frame, the
amount of time the device waits before retransmitting the EAP-request or
identity frame to a client (default 30 seconds).
Refer to
“Setting the interval for retransmission of EAP-request or identity
for information on how to change this setting.
supp-timeout
When a client does not respond to an EAP-request frame, the amount of time
before the device retransmits the frame.
Refer to
“Specifying a timeout for retransmission of EAP-request frames to the
for information on how to change this setting.
server-timeout
When the Authentication Server does not respond to a message sent from the
client, the amount of time before the device retransmits the message.
Refer to
“Specifying a timeout for retransmission of messages to the
for information on how to change this setting.
max-req
The number of times the device retransmits an EAP-request or identity frame if
it does not receive an EAP-response or identity frame from a client (default 2
times).
Refer to
“Specifying the number of EAP-request or identity frame
for information on how to change this setting.
re-authperiod
How often the device automatically re-authenticates clients when periodic
re-authentication is enabled (default 3,600 seconds).
Refer to
“Configuring periodic re-authentication”
for information on how to
change this setting.
security-hold-time
This field is not supported.
Protocol Version
The version of the 802.1x protocol in use on the device.
Auth-fail-action
The configured authentication-failure action. This can be Restricted VLAN or
Block Traffic.
Mac Session Aging
Whether aging for dot1x-mac-sessions has been enabled or disabled for
permitted or denied dot1x-mac-sessions.