Display the Current EAP-Based Security Status
Use the following procedure to display the status of the EAP-based security.
Procedure
Examples
Switch:1>show eapol system ================================================================================ Eapol System ================================================================================ eap : disabled Eapol Version : 3 non-eap-pwd-fmt : mac-addr non-eap-pwd-fmt key : ****** non-eap-pwd-fmt padding : disabled auto-isid-offset status : disabled auto-isid-offset value : 1000
Switch:>enable Switch:1#config terminal Switch:1(config)#show eapol sessions eap verbose ================================================================================================= Eap Oper Status Verbose ================================================================================================= PORT MAC PAE VLAN PRI Flex-UNI I-SID VLAN:I-SID ACL ACEs RADIUS DYNAMIC NUM STATUS ID Enable SOURCE SETTINGS ------------------------------------------------------------------------------------------------- 1/13 00:00:11:11:16:02 authenticated 111 1 false n/a DHCPSNOOP, DAI 1/13 00:00:11:11:16:03 authenticated 111 1 false n/a DHCPSNOOP
Switch:>enable Switch:1#config terminal Switch:1(config)#show eapol sessions neap verbose ================================================================================================= Non-Eap Oper Status Verbose ================================================================================================= PORT MAC STATE VLAN PRI Flex-UNI I-SID NON-EAP VLAN:I-SID ACL ACEs RADIUS DYNAMIC NUM ID Enable SOURCE AUTH SETTINGS ------------------------------------------------------------------------------------------------- 1/15 00:00:00:00:00:15 authenticated 1 0 false n/a radius IPSG, DHCPSNOOP, DAI, IGMPSNOOP 1/15 00:00:00:00:00:16 authenticated 1 0 false n/a radius BPDU, SLPPGUARD, WOL, AN-ADVERTISEMENTS:100F ------------------------------------------------------------------------------------------------- Total Number of NEAP Sessions: 2
Variable Definitions
The following table defines parameters for the show eapol command.
Variable |
Value |
---|---|
auth-stats [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] |
Displays the authentication statistics interface. Note:
auth-stats [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] is useful only for EAP supplicants. The command output changes only when the EAP supplicant tries to access the network. |
port {interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] | {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}} |
Specifies the ports to display. If no port is entered, all ports are displayed. |
session-stats interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] |
Displays the authentication session statistics interface. |
sessions {eap | neap} [vlan<1-4059>] [{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] [verbose] |
Displays EAP and non-EAP authentication sessions on the port. |
summary port[{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] |
Displays EAP and NEAP clients. |
system |
Displays EAP settings. |