10-54
Configuring Port-Based and User-Based Access Control (802.1X)
Displaying 802.1X Configuration, Statistics, and Counters
Table 10-3. Field Descriptions of show port-access authenticator config Command Output (Figure 10-11)
Field Description
Port-access
authenticator activated
Whether 802.1X authentication is enabled or disabled on specified port(s).
Port Port number on switch.
Re-auth Period Period of time (in seconds) after which clients connected to the port need to be re-
authenticated.
Access Control Port’s authentication mode:
Auto: Network access is allowed to any connected device that supports 802.1X
authentication and provides valid 802.1X credentials.
Authorized: Network access is allowed to any device connected to the port,
regardless of whether it meets 802.1X criteria.
Unauthorized: Network access is blocked to any device connected to the port,
regardless of whether the device meets 802.1X criteria.
Max reqs Number of authentication attempts that must time-out before authentication fails and
the authentication session ends.
Quiet Period Period of time (in seconds) during which the port does not try to acquire a supplicant.
TX Timeout Period of time (in seconds) that the port waits to retransmit the next EAPOL PDU
during an authentication session.
Supplicant Timeout Period of time (in seconds) that the switch waits for a supplicant response to an EAP
request.
Server Timeout Period of time (in seconds) that the switch waits for a server response to an
authentication request.
Cntrl Dir Directions in which flow of incoming and outgoing traffic is blocked on 802.1X-aware
port that has not yet entered the authenticated state:
Both: Incoming and outgoing traffic is blocked on port until authentication occurs.
In: Only incoming traffic is blocked on port before authentication occurs. Outgoing
traffic with unknown destination addresses is flooded on the unauthenticated
802.1X-aware port.
