Viewing detail on status of MAC authenticated client sessions

Syntax:


show port-access mac-based clients <port-list> detailed

Displays detailed information on the status of MAC authenticated client sessions on specified ports.

This syntax shows session status, name, and address for each web-based authenticated client on the switch. The IP address displayed is taken from the DHCP binding table, learned through DHCP snooping. The following can appear if the client's IP address is not available:

n/a — DHCP snooping is not enabled on the switch; n/a is displayed for a client's IP address.

n/a-IPv6 — a web-based authenticated client uses an IPv6 address.

n/a-no info — DHCP snooping is enabled but no MAC-to-IP address binding for a client is found in the DHCP binding table.

Output for the show port-access mac-based clients detailed command

switch(config)#show port-access mac-based clients 1 detailed

Port Access MAC-Based Client Status Detailed

 Client Base Details :
  Port           : 1
  Session Status : authenticated   Session Time(sec) : 6
  Username       : client1         MAC Address       : 0010b5-891a9e
  IP             : n/a

 Access Policy Details :
  COS Map       : 12345678                In Limit % : 98
  Untagged VLAN : 4006                   Out Limit % : 100
  Tagged VLANs  : 1, 3, 5, 6, 334, 4001
  RADIUS-ACL List :
    deny in udp from any to 10.2.8.233 CNT
       Hit Count: 0
    permit in udp from any to 10.2.8.233 CNT
       Hit Count: 0
    deny in tcp from any to 10.2.8.233 CNT
       Hit Count: 0
    permit in tcp from any to 10.2.8.233 CNT
      Hit Count: 0
    permit in tcp from

Output for the show port-access mac-based clients command with a specific port (detailed)

switch(config)#show port-access mac-based clients 2 detailed

Port Access MAC-Based Client Status Detailed

Client Base Details :
Port : 2
Client Status : authenticated           Session Time : 65 seconds
MAC Address : 000000-000010             Session Timeout : 0 seconds
IP : n/a

Access Policy Details :
COS Map : Not Defined                   In Limit Kbps : Not Set
Untagged VLAN : 1                       Out Limit Kbps : Not Set
Tagged VLANs : No Tagged VLANs
Port Mode : 1000FDx                     Auth Mode : User-based
RADIUS ACL List :
permit in ip from any to 10.10.10.20

Client Base Details :
Port : 2
Client Status : authenticated           Session Time : 64 seconds
MAC Address : 000000-000100             Session Timeout : 0 seconds
IP : n/a

Access Policy Details :
COS Map : Not Defined                   In Limit Kbps : Not Set
Untagged VLAN : 1                       Out Limit Kbps : Not Set
Tagged VLANs : No Tagged VLANs
Port Mode : 1000FDx                     Auth Mode : User-based
RADIUS ACL List :
permit in ip from any to 10.10.10.20

Client Base Details :
Port : 2
Client Status : authenticated           Session Time : 65 seconds
MAC Address : 000000-000200             Session Timeout : 0 seconds
IP : n/a

Access Policy Details :
COS Map : Not Defined                   In Limit Kbps : Not Set
Untagged VLAN : 1                       Out Limit Kbps : Not Set
Tagged VLANs : No Tagged VLANs
Port Mode : 1000FDx                     Auth Mode : User-based
RADIUS ACL List :
permit in ip from any to 10.10.10.20
...