
Configuring RADIUS Server Support for Switch Services
Configuring and Using RADIUS-Assigned Access Control Lists
Syntax: show port-access authenticator < port-list >
For ports, in < port-list > that are configured for authentication, this command indicates
whether there are any RADIUS-assigned features active on the port(s). (Any ports in
< port-list > that are not configured for authentication do not appear in this listing.)
Port: Port number of port configured for authentication.
Auth Clients: Number of authorized clients
Unauth Clients: Number of unauthorized clients
Untagged VLAN: VLAN IDs (VIDs) of the untagged VLANs currently supporting the authenti-
cated connection.
Tagged VLANs: VLAN IDs (VIDs) of the tagged VLANs currently supporting the authenticated
Port CoS: Indicates the status of the current 802.1p priority setting for inbound traffic.
No-override: Indicates that no RADIUS-assigned 802.1p priority is currently active on
the indicated port. (For more on traffic prioritization for the switches covered in this
guide, refer to the chapter titled “Quality of Service (QoS): Managing Bandwidth More
Effectively”, in the Advanced Traffic Configuration Guide.)
0 - 7: Indicates that the displayed 802.1p priority has been assigned by a RADIUS server
to inbound traffic on the indicated port for a currently active, authenticated client
session. This assignment remains active until the session ends.
Kbps In Limit: Indicates the ingress rate-limit assigned by the RADIUS server to the port for
traffic inbound from the authenticated client. If there is no ingress rate-limit assigned, then
Not Set appears in this field.
RADIUS ACL: Indicates whether a RADIUS-assigned ACL is currently active on the port.
Yes: An ACL has been assigned by a RADIUS server to inbound traffic on the indicated
port for a currently active, authenticated client session. This assignment remains
active until the session ends.
No: There is no RADIUS-assigned ACL currently active on the indicated port.
Cntrl Dir: Directions in which flow of incoming and outgoing traffic is blocked on 802.1X-
aware port that has not yet entered the authenticated state:
Both: Incoming and outgoing traffic is blocked on port until authentication occurs.
In: Only incoming traffic is blocked on port before authentication occurs. Outgoing traffic
with unknown destination addresses is flooded on the unauthenticated 802.1X-aware port.