Viewing detail on status of MAC authenticated client sessions
Syntax:
show port-access mac-based clients <port-list> detailed
Displays detailed information on the status of MAC authenticated client sessions on specified ports.
This syntax shows session status, name, and address for each web-based authenticated client on the switch. The IP address displayed is taken from the DHCP binding table, learned through DHCP snooping. The following can appear if the client's IP address is not available:
n/a
— DHCP snooping is not enabled on the switch;
n/a
is displayed for a client's IP address.
n/a-IPv6
— a web-based authenticated client uses an IPv6 address.
n/a-no info
— DHCP snooping is enabled but no MAC-to-IP address binding for a client is found in the DHCP binding table.
Output for the show port-access mac-based clients detailed command
switch(config)#show port-access mac-based clients 1 detailed Port Access MAC-Based Client Status Detailed Client Base Details : Port : 1 Session Status : authenticated Session Time(sec) : 6 Username : client1 MAC Address : 0010b5-891a9e IP : n/a Access Policy Details : COS Map : 12345678 In Limit % : 98 Untagged VLAN : 4006 Out Limit % : 100 Tagged VLANs : 1, 3, 5, 6, 334, 4001 RADIUS-ACL List : deny in udp from any to 10.2.8.233 CNT Hit Count: 0 permit in udp from any to 10.2.8.233 CNT Hit Count: 0 deny in tcp from any to 10.2.8.233 CNT Hit Count: 0 permit in tcp from any to 10.2.8.233 CNT Hit Count: 0 permit in tcp from
Output for the show port-access mac-based clients command with a specific port (detailed)
switch(config)#show port-access mac-based clients 2 detailed Port Access MAC-Based Client Status Detailed Client Base Details : Port : 2 Client Status : authenticated Session Time : 65 seconds MAC Address : 000000-000010 Session Timeout : 0 seconds IP : n/a Access Policy Details : COS Map : Not Defined In Limit Kbps : Not Set Untagged VLAN : 1 Out Limit Kbps : Not Set Tagged VLANs : No Tagged VLANs Port Mode : 1000FDx Auth Mode : User-based RADIUS ACL List : permit in ip from any to 10.10.10.20 Client Base Details : Port : 2 Client Status : authenticated Session Time : 64 seconds MAC Address : 000000-000100 Session Timeout : 0 seconds IP : n/a Access Policy Details : COS Map : Not Defined In Limit Kbps : Not Set Untagged VLAN : 1 Out Limit Kbps : Not Set Tagged VLANs : No Tagged VLANs Port Mode : 1000FDx Auth Mode : User-based RADIUS ACL List : permit in ip from any to 10.10.10.20 Client Base Details : Port : 2 Client Status : authenticated Session Time : 65 seconds MAC Address : 000000-000200 Session Timeout : 0 seconds IP : n/a Access Policy Details : COS Map : Not Defined In Limit Kbps : Not Set Untagged VLAN : 1 Out Limit Kbps : Not Set Tagged VLANs : No Tagged VLANs Port Mode : 1000FDx Auth Mode : User-based RADIUS ACL List : permit in ip from any to 10.10.10.20 ...