Display the Current EAP-Based Security Status

Use the following procedure to display the status of the EAP-based security.

Procedure

  1. Enter Privileged EXEC mode:

    enable

  2. Display the current EAP-based security status:

    show eapol auth-stats interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

    show eapol multihost non-eap-mac status [vlan <1-4059>] [{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

    show eapol port {interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] | {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}}

    show eapol session-stats interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

    show eapol status interface [vlan <1-4059>] [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

    show eapol summary port [{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

    show eapol system

Examples

Note

Note

Product Notice: auto-isid-offset functionality is not available on VSP 4450 Series, VSP 8600 Series, or XA1400 Series.

Switch:#enable
Switch:1#show eapol system
================================================================================
                                  Eapol System
================================================================================
                     eap : disabled
           Eapol Version : 3
         non-eap-pwd-fmt : mac-addr
     non-eap-pwd-fmt key : ******
 non-eap-pwd-fmt padding : disabled
 auto-isid-offset status : disabled
 auto-isid-offset value  : 1000
--------------------------------------------------------------------------------

Variable Definitions

The following table defines parameters for the show eapol command.

Variable

Value

auth-stats [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

Displays the authentication statistics interface.

Note:

auth-stats [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]} is useful only for EAP supplicants. The command output changes only when the EAP supplicant tries to access the network.

multihost non-eap-mac status [vlan <1-4059>] [{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

Displays EAP multihost configuration.

port {interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] | {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}}

Specifies the ports to display. If no port is entered, all ports are displayed.

session-stats interface [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

Displays the authentication session statistics interface.

status interface [vlan <1-4059>] [gigabitEthernet {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

Displays the port EAP operation statistics.

summary port[{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}]

Displays EAP and NEAP clients.

system

Displays EAP settings.