Use this command to display authentication method information either for all interfaces or a specified port.
| Format | show authentication interface {all | unit/slot/port} |
| Mode | Privileged EXEC |
The following information is displayed for each interface.
| Parameter | Description |
|---|---|
| Authentication Manager Status | The admin status of Authentication on the switch. This is a global configuration. |
| Interface | The interface for which authentication configuration information is being displayed. |
| Port Control Mode | The configured control mode for this port. Possible values are force-unauthorized l auto l unauthorized. |
| Host Mode | The authentication host mode configured on the interface. |
| Authentication Restart timer | The time, in seconds, after which reauthentication starts. |
| Configured method order | The order of authentication methods used on the interface. |
| Enabled method order | The order of authentication methods used on the interface. |
| Configured method priority | The priority for the authentication methods used on the interface. |
| Enabled method priority | The priority for the authentication methods used on the interface. |
| Reauthentication Period | The period after which all clients on the interface will be reauthenticated. |
| Reauthentication Enabled | Indicates whether reauthentication is enabled on the interface. |
| Maximum Users | The maximum number of clients that can be authenticated on the interface if the interface is configured as multi-auth host mode. |
| Guest VLAN ID | The VLAN id to be used to authorize clients that time out or fail authentication due to invalid credentials. This is applicable only for 802.1x unaware clients. |
| Unauthenticated VLAN ID | The VLAN id to be used to authorize clients that that time out or fail authentication due to invalid credentials. This is applicable only for 802.1x clients. |
| Critical VLAN ID | The VLAN id to be used to authorize clients that that time out due to unreachable RADIUS servers. |
| Authentication Violation Mode | The action to be taken when a security violation occurs on a port. |
| Authentication Server Dead action | The action to be undertaken for data clients when all RADIUS servers are found dead. |
| Authentication Server Dead action for Voice | The action to be undertaken for voice clients when all RADIUS servers are found dead. |
| Authentication Server Alive action | The action to be undertaken for data clients when a RADIUS server comes back alive after all were found dead. |
| Allowed Protocols on Unauthorized Port | The action to drop or forward the particular protocol packet from and to unauthorized clients on the port. |
| Open Authentication | Indicates if Open Authentication is enabled on the interface. |
| LinkSec Policy | Displays the MACsec LinkSec configured on the interface. |
Example: The following example displays the output for the command.
(switch) #show authentication interface 1/0/1 Authentication Manager Status.................. Enabled Interface...................................... 1/0/1 Authentication Restart timer................... 300 Configured method order........................ mab undefined undefined Enabled method order........................... mab undefined undefined Configured method priority..................... dot1x mab captive-portal Enabled method priority........................ dot1x mab undefined Reauthentication Period (secs)................. 3600 Reauthentication Enabled....................... False Maximum Users.................................. 48 Guest VLAN ID..... ............................ 0 Unauthenticated VLAN ID........................ 0 Critical Vlan Id............................... 0 Authentication Violation Mode.................. Restrict Authentication Server Dead action.............. None Authentication Server Dead action for Voice.... None Authentication Server Alive action............. None Allowed protocols on unauthorized port......... dhcp Open Authentication............................ Disabled LinkSec Policy................................. Should Secure
