Filter
Top Products
452 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
Cisco IOS Software router
On a Cisco router running Cisco IOS Software, these commands are useful for
debugging:
show eou Shows eou (EAPoverUDP) settings including
polling cycle timeouts.
show eou all Shows current eou cache data.
eou logging Turns on eou logging output.
eou reval ip xx.xx.xx.xx Forces immediate revalidation of client with IP
address xx.xx.xx.xx.
clear ip admission cache * Clears the IP admission cache for all clients
(forced revalidation of all clients).
Cisco IOS Software switch
For Cisco switches configured for IP-based NAC, the commands listed in the
preceding section apply to both a router and a switch. For 802.1x-based NAC a
useful command is the following. (NAC values are in bold at the bottom of the
output.)
show dot1x interface (interface) details
Dot1x Info for FastEthernet1/0/10
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = SINGLE_HOST
ReAuthentication = Enabled
QuietPeriod = 60
ServerTimeout = 30
SuppTimeout = 30
ReAuthPeriod = (From Authentication Server)
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
RateLimitPeriod = 0
Dot1x Authenticator Client List
-------------------------------
Supplicant = 000c.2929.25cd
Auth SM State = AUTHENTICATED
Auth BEND SM Stat = IDLE
Port Status = AUTHORIZED
ReAuthPeriod = 60
ReAuthAction = Reauthenticate