Show commands
show captive-portal profile
Syntax
show captive-portal profile
Description
Show Captive Portal profile configuration.
show captive-portal profile
(config)# show captive-portal profile Captive Portal Profile Configuration Name : use-radius-vsa Type : predefined URL : Name : myCaptivePortalProfile Type : custom URL : http://mycppm.local/guest/captive_portal_login.php
show user-role
Syntax
show user-role [<ROLE-NAME>] [detailed]Description
Show users role configuration.
Options
| Show user roles by role-name. |
| Show user roles in detail by role-name. |
show user-role
Switch# show user-role User Roles Enabled : <Yes/No> Initial Role : denyall Type Name ---------- ------------ local Employee local Guest predefined denyall
show user-role <ROLE-NAME>
Switch# show user-role captivePortalwithVSA User Role Information Name : captivePortalwithVSA Type : local Reauthentication Period (seconds) : 0 Untagged VLAN : 610 Captive Portal Profile : use-radius-vsa Policy : cppolicy
show user-role detailed
The example shows how to configure user roles to use Clearpass as a Captive Portal. The Captive Portal URL is specified in a RADIUS VSA.
Switch# show user-role captivePortalwithVSA detailed
User Role Information
Name : captivePortalwithVSA
Type : local
Reauthentication Period (seconds) : 0
VLAN : 610
Captive Portal Profile : use-radius-vsa
URL : (use RADIUS VSA)
Policy : cppolicy
Statements for policy "cppolicy"
policy user "cppolicy"
10 class ipv4 "cppm" action permit
20 class ipv4 "steal" action redirect captive-portal
30 class ipv4 "other" action permit
exit
Statements for class IPv4 "cppm"
class ipv4 "cppm"
10 match tcp 0.0.0.0 255.255.255.255 1.0.9.15 0.0.0.0 eq 80
20 match tcp 0.0.0.0 255.255.255.255 1.0.9.15 0.0.0.0 eq 443
exit
Statements for class IPv4 "steal"
class ipv4 "steal"
10 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 80
20 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 443
exit
Statements for class IPv4 "other"
class ipv4 "other"
10 match udp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 53
20 match udp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 67
30 match icmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit
show port-access clients
Syntax
show port-access clients [detailed]
Description
Use this command to display the status of active authentication sessions.
show port-access clients
Port Access Client Status Port Client Name MAC Address IP Address User Role Type VLAN ----- ------------- ------------- --------------- -------------------- ------ 1/A18 001517581ec4 001517-581ec4 10.108.1.201 ixia1 MAC 108 A7 000c29-5121fc n/a denyall LOCAL A8 000c29-d12996 n/a myrole LOCAL 42
show port-access clients detailed
Switch (config)# show port-access clients detailed
Port Access Client Status Detail
Client Base Details :
Port : 1/A18 Authentication Type : mac-based
Client Status : authenticated Session Time : 11 seconds
Client Name : 001517581ec4 Session Timeout : 60 seconds
MAC Address : 001517-581ec4
IP : 10.108.1.201
User Role Information
Name : ixia1
Type : local
Reauthentication Period (seconds) : 60
Untagged VLAN : 108
Tagged VLANs :
Captive Portal Profile :
Policy : policyIxia1
Statements for policy "policyIxia1"
policy user "policyIxia1"
10 class ipv4 "classIxia1" action rate-limit kbps 11000
exit
Statements for class IPv4 "classIxia1"
class ipv4 "classIxia1"
10 match ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit