Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual

Brocade 6910 Ethernet Access Switch Configuration Guide

187

53-1002581-01

802.1X Port Authentication

9

Command Mode

Privileged Exec

Command Usage

This command displays the following information:

•

Global 802.1X Parameters – Shows whether or not 802.1X port authentication is globally
enabled on the switch (

page 177

).

•

Authenticator Parameters – Shows whether or not EAPOL pass-through is enabled (

page 176

).

•

Supplicant Parameters – Shows the supplicant user name used when the switch responds to
an MD5 challenge from an authenticator (

page 183

).

•

802.1X Port Summary – Displays the port access control parameters for each interface that
has enabled 802.1X, including the following items:

•

Type – Administrative state for port access control (Enabled, Authenticator, or
Supplicant).

•

Operation Mode–Allows single or multiple hosts (

page 179

).

•

Control Mode – Dot1x port control mode (

page 180

).

•

Authorized– Authorization status (yes or n/a - not authorized).

•

802.1X Port Details – Displays the port access control parameters for each interface, including
the following items:

•

Reauthentication – Periodic re-authentication (

page 180

).

•

Reauth Period – Time after which a connected client must be re-authenticated
(

page 181

).

•

Quiet Period – Time a port waits after Max Request Count is exceeded before attempting
to acquire a new client (

page 181

).

•

TX Period – Time a port waits during authentication session before re-transmitting EAP
packet (

page 182

).

•

Supplicant Timeout – Supplicant timeout.

•

Server Timeout – Server timeout. A RADIUS server must be set before the correct
operational value of 10 seconds will be displayed in this field.

•

Reauth Max Retries – Maximum number of reauthentication attempts.

•

Max Request – Maximum number of times a port will retransmit an EAP request/identity
packet to the client before it times out the authentication session (

page 178

).

•

Operation Mode– Shows if single or multiple hosts (clients) can connect to an
802.1X-authorized port.

•

Port Control–Shows the dot1x mode on a port as auto, force-authorized, or
force-unauthorized (

page 180

).

•

Intrusion Action– Shows the port response to intrusion when authentication fails
(

page 177

).

•

Supplicant– MAC address of authorized client.

•

Authenticator State Machine

•

State – Current state (including initialize, disconnected, connecting, authenticating,
authenticated, aborting, held, force_authorized, force_unauthorized).

•

Reauth Count– Number of times connecting state is re-entered.