Fortinet black logo

Administration Guide

Home FortiSwitch 7.2.3 Administration Guide

Viewing the 802.1X details

7.2.3
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.9
7.0.8
7.0.6
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.11
6.4.6
6.4.5
6.4.3
6.4.2
6.4.0
6.2.5
6.2.2
6.2.1
6.2.0
Copy Link
Copy Doc ID 2d1d802e-71d2-11ed-8e6d-fa163e15d75b:110312
Download PDF

Viewing the 802.1X details

Using the GUI:

Go to Switch >Monitor > 802.1x Status.

Click the interface name to display the Session page.

Using the CLI:

Use the following command to show diagnostics on one or all ports:

diagnose switch 802-1x status [<port>]

For example:

diagnose switch 802-1x status port3

port3: Mode: mac-based (mac-by-pass enable)
	Link: Link up
	Port State: authorized: ( )
	Dynamic Allowed Vlan list: 101
	Dynamic Untagged Vlan list: 101
	EAP pass-through : Enable
	Auth Order : MAB-dot1x
	Auth Priority : Legacy
	EAP egress-frame-tagged : Enable
	EAP auto-untagged-vlans : Enable
	Allow MAC Move : Disable
	Dynamic Access Control List : Disable
	Quarantine VLAN (4093) detection : Enable
	Native Vlan : 101
	Allowed Vlan list: 1-200
	Untagged Vlan list: 101
	Guest VLAN :
	Auth-Fail Vlan :
	AuthServer-Timeout Vlan :

	Switch sessions 1/240, Local port sessions:1/20
	Client MAC Type Traffic-Vlan Dynamic-Vlan
	f0:4d:a2:be:a3:31 802.1x 101 101

	Sessions info:
	f0:4d:a2:be:a3:31 Type=802.1x,TTLS,state=AUTHENTICATED,etime=0,eap_cnt=9 params:reAuth=60
	user="local-RADIUS",security_grp="radiusgrp",fortinet_grp="Radius_Admins"
Previous
Next

Viewing the 802.1X details

Using the GUI:

Go to Switch >Monitor > 802.1x Status.

Click the interface name to display the Session page.

Using the CLI:

Use the following command to show diagnostics on one or all ports:

diagnose switch 802-1x status [<port>]

For example:

diagnose switch 802-1x status port3

port3: Mode: mac-based (mac-by-pass enable)
	Link: Link up
	Port State: authorized: ( )
	Dynamic Allowed Vlan list: 101
	Dynamic Untagged Vlan list: 101
	EAP pass-through : Enable
	Auth Order : MAB-dot1x
	Auth Priority : Legacy
	EAP egress-frame-tagged : Enable
	EAP auto-untagged-vlans : Enable
	Allow MAC Move : Disable
	Dynamic Access Control List : Disable
	Quarantine VLAN (4093) detection : Enable
	Native Vlan : 101
	Allowed Vlan list: 1-200
	Untagged Vlan list: 101
	Guest VLAN :
	Auth-Fail Vlan :
	AuthServer-Timeout Vlan :

	Switch sessions 1/240, Local port sessions:1/20
	Client MAC Type Traffic-Vlan Dynamic-Vlan
	f0:4d:a2:be:a3:31 802.1x 101 101

	Sessions info:
	f0:4d:a2:be:a3:31 Type=802.1x,TTLS,state=AUTHENTICATED,etime=0,eap_cnt=9 params:reAuth=60
	user="local-RADIUS",security_grp="radiusgrp",fortinet_grp="Radius_Admins"
Previous
Next