Display the Current EAP-Based Security Status
Use the following procedure to display the status of the EAP-based security.
Procedure
Examples
Switch:1>show eapol system
================================================================================
Eapol System
================================================================================
eap : disabled
Eapol Version : 3
non-eap-pwd-fmt : mac-addr
non-eap-pwd-fmt key : ******
non-eap-pwd-fmt padding : disabled
auto-isid-offset status : disabled
auto-isid-offset value : 1000
Switch:>enable
Switch:1#config terminal
Switch:1(config)#show eapol sessions eap verbose
=================================================================================================
Eap Oper Status Verbose
=================================================================================================
PORT MAC PAE VLAN PRI Flex-UNI I-SID VLAN:I-SID ACL ACEs RADIUS DYNAMIC
NUM STATUS ID Enable SOURCE SETTINGS
-------------------------------------------------------------------------------------------------
1/13 00:00:11:11:16:02 authenticated 111 1 false n/a DHCPSNOOP, DAI
1/13 00:00:11:11:16:03 authenticated 111 1 false n/a DHCPSNOOP
Switch:>enable
Switch:1#config terminal
Switch:1(config)#show eapol sessions neap verbose
=================================================================================================
Non-Eap Oper Status Verbose
=================================================================================================
PORT MAC STATE VLAN PRI Flex-UNI I-SID NON-EAP VLAN:I-SID ACL ACEs RADIUS DYNAMIC
NUM ID Enable SOURCE AUTH SETTINGS
-------------------------------------------------------------------------------------------------
1/15 00:00:00:00:00:15 authenticated 1 0 false n/a radius IPSG, DHCPSNOOP, DAI, IGMPSNOOP
1/15 00:00:00:00:00:16 authenticated 1 0 false n/a radius BPDU, SLPPGUARD, WOL, AN-ADVERTISEMENTS:100F
-------------------------------------------------------------------------------------------------
Total Number of NEAP Sessions: 2
Variable Definitions
The following table defines parameters for the show eapol command.
|
Variable |
Value |
|---|---|
|
auth-stats [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] |
Displays the authentication statistics interface. Note:
auth-stats [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] is useful only for EAP supplicants. The command output changes only when the EAP supplicant tries to access the network. |
|
port {interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] | {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}} |
Specifies the ports to display. If no port is entered, all ports are displayed. |
|
session-stats interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] |
Displays the authentication session statistics interface. |
|
sessions {eap | neap} [vlan<1-4059>] [{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] [verbose] |
Displays EAP and non-EAP authentication sessions on the port. |
|
summary port[{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] |
Displays EAP and NEAP clients. |
|
system |
Displays EAP settings. |