show netlogin session

show netlogin session {all | summary} {mac-address mac_address} {ports ports} {agent [convergence-endpointdot1x | mac | web-based]}

Description

Use this command to display the active authenticated sessions for both policy and non-policy mode.

Syntax Description


all	Include sessions with 'terminated' status.
summary	Do not display detailed information.
mac-address	Specify a MAC address.
`mac_address`	Specify a MAC address.
ports	Port or range of ports.
`ports`	Port or range of ports.
agent	Specify an agent type.
dot1x	IEEE 802.1X Port-Based Network Access Control.
mac	MAC authentication.
web-based	Web-based authentication.
convergence-endpoint	Convergence-endpoint authentication.

Default

N/A.

Usage Guidelines

None.

Example

The following example shows a summary of the active authenticated sessions:

# show netlogin session summary 
Port         Address type Address                  X W M C B
------------ ------------ ------------------------ ---------
23           mac          00:00:88:88:00:00            X   
23           mac          00:00:88:88:00:01            X   X
23           mac          00:00:88:88:00:02            X   X
23           mac          00:00:88:88:00:03            X   X
23           mac          00:00:88:88:00:04            X   
------------ ------------ ------------------------ ---------
X - dot1x
W - web-based
M - mac
C - convergence-endpoint
B - Blackholed in FDB

The following example shows information about the authentication sessions:

show netlogin session
Multiple authentication session entries
---------------------------------------

Port            : 1:1         Station address   : 00:04:f2:9f:48:fe
Auth status     : success     Last attempt      : Fri Nov 17 21:56:01 2017
Agent type      : cep         Session applied   : true
Server type     : local       VLAN-Tunnel-Attr  : None
Policy index    : 2           Policy name       : NProfile_16 (active)
Session timeout : 0           Session duration  : 2 days, 21:57:19
Idle timeout    : 300         Idle time         : 0:00:00
Auth-Override   : enabled     Termination time  : Not Terminated
Dynamic Web-redirect : http://10.127.26.8:80/static/index.jsp

Port            : 15          Station address   : 00:00:00:00:0b:00 
Auth status     : success     Last attempt      : Thu Jan 30 12:48:04 2020      
Agent type      : mac         Session applied   : false
Server type     : local       VLAN-Tunnel-Attr  : None
Policy index    : 0           Policy name       : No Policy applied
Session timeout : 0           Session duration  : 0:00:04                       
Idle timeout    : 0           Idle time         : 0:00:00                       
Auth-Override   : disabled    Termination time  : Not Terminated

The following example shows information about dynamic captive portal redirection using RADIUS VSA (lines 12-14):

# show netlogin session
Multiple authentication session entries
---------------------------------------

Port            : 25          Station address   : 00:0a:01:00:00:02
Auth status     : success     Last attempt      : Mon Sep 22 18:17:20 2025
Agent type      : mac         Session applied   : true
Server type     : radius      VLAN-Tunnel-Attr  : None
Policy index    : 2           Policy name       : profile2 (active)
Session timeout : 40          Session duration  : 0:00:01
Idle timeout    : 50          Idle time         : 0:00:00
Auth-Override   : disabled    Termination time  : Not Terminated
Dynamic Web-redirect : http://2.2.2.2:8012/
* (CIT_33.5.0.259) 5320-24P-8XE-SwitchEngine.5 # sh policy captive-portal web-redirect 00:0a:01:00:00:02

Dynamic Web-redirect  : http://2.2.2.2:8012/

History

This command was first available in ExtremeXOS 16.1.

Sessions shown for both policy and non-policy mode was added in ExtremeXOS 30.7.

Sessions shown for dynamic captive portal redirection using RADIUS VSA was added in version 33.5.1.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, and X695 series switches.