show authentication sessions
-
- Last UpdatedSep 23, 2020
- 3 minutes read
Displays details of 802.1X or MAC authentication sessions.
all
| Displays information on all authentication sessions for the stack or standalone unit.
|
ethernet
{
unit
/
slot
/
port
}
| Displays authentication sessions for the specified interface or range of interfaces.
|
unit
unit_number
| Displays authentication sessions for the specified stack unit.
|
brief
| Displays abbreviated information on authentication sessions.
|
detail
| Displays detailed information on authentication sessions.
|
Privileged EXEC or any configuration mode
The following example displays information on all authentication sessions for the stack.
device# show authentication sessions all
-------------------------------------------------------------------------------------------------------------
Port MAC IP(v4/v6) User VLAN Auth Auth ACL Session Age PAE
Addr Addr Name Method State Time State
-------------------------------------------------------------------------------------------------------------
2/1/25 00aa.aaaa.0000 198.1.1.2 MVDI_1 130 MAUTH permit Yes 210 Ena N/A
2/1/25 00aa.aaaa.0001 fe80::2aa:aaff:feaa DVDI_1 130 8021.X permit Yes 210 Ena AUTHENTICATED
3000::2
3000::2
1/1/15 00bb.bbbb.0001 N/A DVDI_2 230 8021.X permit None 500 Ena AUTHENTICATED
1/1/10 0010.9400.1101 N/A MVDI_2 330 MAUTH permit None 410 Ena N/A
The following example displays information on authentication sessions for a specific interface.
device(config)# show authentication sessions ethernet 2/1/25
-------------------------------------------------------------------------------------------------------------
Port MAC IP(v4/v6) User VLAN Auth Auth ACL Session Age PAE
Addr Addr Name Method State Time State
-------------------------------------------------------------------------------------------------------------
2/1/25 00aa.aaaa.0000 198.1.1.2 MVDI_1 130 MAUTH permit Yes 210 Ena N/A
2/1/25 00aa.aaaa.0001 fe80::2aa:aaff:feaa DVDI_1 130 8021.X permit Yes 210 Ena AUTHENTICATED
The following example displays session information for stack unit 1.
device(config)# show authentication sessions unit 1
-------------------------------------------------------------------------------------------------------------
Port MAC IP(v4/v6) User VLAN Auth Auth ACL Session Age PAE
Addr Addr Name Method State Time State
-------------------------------------------------------------------------------------------------------------
1/1/15 00bb.bbbb.0001 N/A DVDI_2 230 8021.X permit None 500 Ena AUTHENTICATED
1/1/10 0010.9400.1101 N/A MVDI_2 330 MAUTH permit None 410 Ena N/A
The following example displays a brief description of authentication sessions.
device# show authentication sessions brief
-----------------------------------------------------------------------------------------------
Port Number of Number of Number of Untagged Dynamic
Attempted Users Authorized Users Denied Users VLAN Type Port ACL
MAC DOT1X MAC DOT1X MAC DOT1X
-----------------------------------------------------------------------------------------------
1/1/7 0 1 0 1 0 0 RADIUS-VLAN No
1/1/8 1 0 1 0 0 0 Auth-Default-VLAN No
1/1/9 0 0 0 0 0 0 Multiple No
1/1/10 0 0 0 0 0 0 Auth-Default-VLAN No
The following example displays a detailed description of authentication sessions on port 17/1/1.
device# show authentication sessions detail ethernet 17/1/1
Auth Session Info (Port 17/1/1, MAC a036.9f6e.1fd2) :
State : Permitted
Auth Method : 802.1X Auth Mode : Single Untagged
VLAN Type : Radius-VLAN VLAN : 200
Voice VLAN : 0 PVID : 0
Tagged VLANs :
User Name : joe.user@arris.com
Session Time : 1381 Reauth Time : 2220
Idle Timeout : 120 Session Timeout : 0
Acct session ID : 2 PCE Index : 65535
PAE State : AUTHENTICATED Age : Disabled
Qos Priority : 0 Failure Reason :
Auth Filter Applied : No Tagged : No
VLAN Add Req State : Complete VLAN Del Req State : Init
Filter Add Req State : Complete Filter Del Req State : Init
Stale : No Delete Pending : No
802.1X Enabled : No Session Control : Self
V4 ACL Applied : No V6 ACL Applied : No
V4 IN ACL (Session) : acl1 V4 OUT ACL (Session) : -
V6 IN ACL (Session) : - V6 OUT ACL (Session) : -
Client Voice Phone : No Client Wireless AP : No
802.1X Capable : Yes
IP Addresses : 10.176.167.145
V4-IN ACL (Dynamic) : 3928 V4-OUT ACL (Dynamic) : 0
V6-IN ACL (Dynamic) : 0 V6-OUT ACL (Dynamic) : 0
V4-IN ACL RefCnt : 1 V4-OUT ACL RefCnt : 0
V6-IN ACL RefCnt : 0 V6-OUT ACL RefCnt : 0
V4 ACL Trap Rule : Yes V6 ACL Trap Rule : No
Addr Change Count : 0 MBV Usage Count : 1
Radius VLAN RefCnt : 1
Auth Order : dot1x, mac-auth Auth Fail Action : Restricted VLAN (3)
Auth Timeout Action : Failure Aging : Enabled
SG Protection : Disabled DOS Protection : Disabled (limit = 512)
Reauthentication : Enabled Reauth Period : 3600
Reauth Timeout : 300 Max Ssessions : 2
Port Control : Auto Quiet Period : 60
Supplicant Time : 30 Tx Period : 3
Max Reauth Requests : 2 Max Frame Retries : 2
| Release version | Command history |
|---|---|
| 08.0.80 | This command was introduced. |