The display dot1x-access-profile configuration command displays the configuration of an 802.1X access profile.
Parameter |
Description |
Value |
|---|---|---|
name access-profile-name |
Displays the configuration of an 802.1X access profile with a specified name. If name access-profile-name is not specified, the device displays all the 802.1X access profiles configured on the device. If name access-profile-name is specified, the device displays the configuration of a specified 802.1X access profile. |
The value must be the name of an existing 802.1X access profile. |
After configuring an 802.1X access profile, you can run this command to check whether the configuration is correct.
# Display all the 802.1X access profiles configured on the device.
<sysname> display dot1x-access-profile configuration
-------------------------------------------------------------------------------
ID Dot1x-Access-Profile Name
-------------------------------------------------------------------------------
0 dot1x_access_profile
1 d1
2 d2
3 d3
4 d4
-------------------------------------------------------------------------------
Total: 5 printed: 5.
Item |
Description |
|---|---|
ID |
802.1X access profile ID. |
Dot1x-Access-Profile Name |
802.1X access profile name. |
# Display the configuration of the 802.1X access profile d1.
<sysname> display dot1x-access-profile configuration name d1
Profile Name : d1
Authentication method : EAP
Port control : authorized-force
Re-authen : Enable
Client-no-response authorize : -
Trigger condition : arp
Unicast trigger : Enable
Trigger dhcp-bind : Enable
Handshake : Disable
Handshake packet-type : request-identity
Max retry value : 2
Reauthen Period : 3600s
Client Timeout : 5s
Handshake Period : 60s
Bound authentication profile : -
Item |
Description |
|---|---|
Profile Name |
802.1X access profile name. |
Authentication method |
Authentication mode of 802.1X users:
To configure the authentication mode, run the dot1x authentication-method command. |
Port control |
802.1X authentication interface's authorization status:
To set an authorization state for an interface, run the dot1x port-control command. |
Re-authen |
Whether re-authentication for online 802.1X users is enabled:
To configure the re-authentication function, run the dot1x reauthenticate command. |
Client-no-response authorize |
Network access rights granted to users when the 802.1X client does not respond. |
Trigger condition |
Packet type that can trigger 802.1X authentication:
To configure the packet type, run the authentication trigger-condition command. |
Unicast trigger |
Whether 802.1X authentication triggered by unicast packets is enabled:
To configure the function, run the dot1x unicast-trigger command. |
Trigger dhcp-bind |
Whether the device is enabled to automatically generate DHCP snooping binding entries for users with static IP addresses:
|
Handshake |
Whether handshake with online 802.1X authentication users is enabled:
|
Handshake packet-type |
Type of 802.1X authentication handshake packets:
|
Max retry value |
Maximum number of attempts to send authentication requests to 802.1X users. To configure the maximum value, run the dot1x retry command. |
Reauthen Period |
Re-authentication interval for online 802.1X users. To configure the re-authentication interval, run the dot1x timer command. |
Client Timeout |
Authentication timeout period for 802.1X clients. To configure the authentication timeout period, run the dot1x timer command. |
Handshake Period |
Interval at which the device handshakes with an 802.1X client on a non-Eth-Trunk interface. To configure the interval, run the dot1x timer command. |
Bound authentication profile |
Authentication profile to which the 802.1X access profile is bound. To configure the authentication profile, run the dot1x-access-profile command. |