Show the Port Access Entity Port Table

About this task

Use the Port Access Entity (PAE) Port Table to display system-level information for each port the PAE supports. An entry display in this table for each port of this system.

Procedure

  1. In the navigation pane, expand Configuration > Security > Data Path.
  2. Select 802.1X - EAPOL.
  3. Select the EAP Security tab.

EAP Security Field Descriptions

Use the data in the following table to use the EAP Security tab.

Name

Description

PortNumber

Indicates the port number associated with this port.

PortCapabilties

Indicates the capabilities of this PAE port.

  • authImplemented—PACP EAP authenticator functions are implemented in this PAE.

  • virtualPortsImplemented—Virtual Port functions are implemented in this PAE.

PortVirtualPortsEnable

Displays the status of the Virtual Ports function for the real port as True or False.

PortCurrentVirtualPorts

Displays the current number of virtual ports running in the port

PortAuthenticatorEnable

Displays the status of the Authenticator function in the Port Access Entity (PAE) as True or False.

PortSupplicantEnable

Displays the Supplicant function in the Port Access Entity (PAE) as True or False.

AllowNonEapHost

Displays the status if the system is enabled to allow hosts that do not participate in 802.1X authentication to get network access.

Status

Displays the authentication status for this port. The default is forceAuthorized.

MultiHostMaxClients

Indicates the value representing the maximum number of supplicants allowed to get authenticated on the port.

GuestVlanId

Specifies the VLAN to be used as a Guest VLAN. Access to unauthenticated hosts connected to this port is provided through this VLAN. 0 indicates that Guest VLAN is not enabled for this port.

FailOpenVlanId

Specifies the Fail Open VLAN ID for the port. If the switch declares the RADIUS servers unreachable, then all new devices are allowed access into the configured Fail Open VLAN. 0 indicates that Fail Open VLAN is not enabled for this port.

NonEapMaxClients

Indicates the maximum number of non-EAPoL authentication MAC addresses allowed on this port. Zero indicates that non-EAPol authentication is disabled for this port.

EapMaxClients

Indicates the maximum number of EAPoL authentication MAC addresses allowed on this port. Zero indicates that EAPol authentication is disabled for this port.

MultiHostSingleAuthEnabled

Indicates that the unauthenticated devices can access the network only after an EAP or NEAP client is successfully authenticated on the port. The VLAN to which the devices are allowed access is the authenticated client's VLAN. The default is false.

ProcessRadiusCOAPackets

Specifies whether to process any RADIUS requests-server packets that are received on this port.

PortGuestIsid
Note: Exception: Not supported on VSP 8600 Series or XA1400 Series.

Specifies the I-SID to be used as a Guest I-SID. Access to unauthenticated hosts connected to this port is provided through this I-SID. 0 indicates that Guest I-SID is not enabled for this port.

FailOpenIsid
Note: Exception: Not supported on VSP 8600 Series or XA1400 Series.

Specifies the Fail Open I-SID for the port. If the switch declares the RADIUS servers unreachable, then all new devices are allowed access into the configured Fail Open I-SID. 0 indicates that Fail Open I-SID is not enabled for this port.

FlexUniStatus

Note: Exception: Not supported on VSP 4450 Series, VSP 8600 Series, or XA1400 Series.
Displays the Flex-UNI status for the port.

AdminTrafficControl

Note: Exception: Not supported on VSP 8600 Series or XA1400 Series.
Specifies the Administrative Traffic Control for the port. The default is inOut.

OperTrafficControl

Note: Exception: Not supported on VSP 8600 Series or XA1400 Series.
Displays the Operating Traffic Control for the port.

LldpAuthEnabled

Note: Exception: Not supported on VSP 8600 Series or XA1400 Series.
Specifies if LLDP Authentication is enabled. The default is 0 (disabled).

PortOrigin

Note: Exception: Not supported on VSP 8600 Series or XA1400 Series.
Displays the Port Origin configuration status for the port.

DynamicMHSAEnabled

Note: Exception: Not supported on VSP 4450 Series, VSP 8600 Series, or XA1400 Series.
Displays the Dynamic MHSA status for the port.

TrafficControlOrigin

Specifies the origin of Traffic Control configuration on the port. The supported values are:

  • config - Traffic Control is enabled by the user.

  • radius - Traffic Control is enabled by Extensible Authentication Protocol (EAP) through Remote Authentication Dial-In User Service (RADIUS) response.

ReauthOrigin

Note:

Exception: not supported on VSP 8600 Series and XA1400 Series.

Specifies the origin of EAPOL reauthentication configuration on the port, either manually configured through CLI or dynamically configured through RADIUS.

ReauthPeriodOrigin

Note:

Exception: not supported on VSP 8600 Series and XA1400 Series.

Specifies the origin of EAPOL reauthentication period configuration on the port, either manually configured through CLI or dynamically configured through RADIUS.