No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fit AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
display dot1x

display dot1x

Function

The display dot1x command displays 802.1X authentication information.

NOTE:

Only branch APs support this command.

Format

display dot1x [ statistics ]

Parameters

Parameter

Description

Value

statistics

Displays statistics on 802.1X authentication.

The statistics about 802.1X authentication is displayed only when this parameter is specified.

-

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

You can run the display dot1x command to view configuration results of all configuration commands in 802.1X authentication and statistics about 802.1X packets.

The command output helps you to check whether the current 802.1X authentication configuration is correct and isolate faults accordingly.

Follow-up Procedure

The display dot1x command displays the statistics on 802.1X packets. You can locate the fault according to the packet statistics. When the fault is rectified, run the reset dot1x statistics command to clear the packet statistics. After a period of time, run the display dot1x command again to check the packet statistics. If no error packet is found, the fault is rectified.

Example

# Display 802.1X authentication information.
<Huawei> display dot1x
  Max users: 10000
  Current users: 1
  Global default domain is jqq
  Dot1x abnormal-track cache-record-num: 20
  Quiet function is Disabled
  Mc-trigger port-up-send is Disabled
  Parameter set:Quiet Period                 180s   Quiet-times          1
                Tx Period                     30s   
  Dot1x URL: 123456

 Wlan-Dbss0 status: UP  802.1x protocol is Enabled
  Dot1x access profile is jqq
  Authentication mode is multi-authen
  Authentication method is EAP
  Reauthentication is enabled
  Reauthen period: 300s
  Dot1x retry times: 2
  Authenticating users: 0
  Current users: 0

  Authentication Success: 0          Failure: 0
  Enter Enquence        : 0
  EAPOL Packets: TX     : 68         RX     : 0
  Sent      EAPOL Request/Identity Packets  : 3
            EAPOL Request/Challenge Packets : 0
            Multicast Trigger Packets       : 64
            EAPOL Success Packets           : 0
            EAPOL Failure Packets           : 1
  Received  EAPOL Start Packets             : 0
            EAPOL Logoff Packets            : 0
            EAPOL Response/Identity Packets : 0
            EAPOL Response/Challenge Packets: 0

 Online user(s) info:
 UserId   MAC/VLAN            AccessTime              UserName
 ------------------------------------------------------------------------------
 1047     1044-00c7-07a9/27   2018/12/06 19:27:54     jqq
 ------------------------------------------------------------------------------
 Total: 1, printed: 1

# Display 802.1X statistics.

<Huawei> display dot1x statistics
  Dropped   EAPOL Access Flow Control       : 0
            EAPOL Check Sysmac Error        : 0
            EAPOL Get Vlan ID Error         : 0
            EAPOL Packet Flow Control       : 0
            EAPOL Online User Reach Max     : 0
            EAPOL Static or BlackHole Mac   : 0
            EAPOL Get Vlan Mac Error        : 0
            EAPOL Temp User Exist           : 0
            EAPOL no replace dot1x          : 0  

  DHCP      Enter Enqueue                        : 0
            Processed Packet                     : 0
            Dropped Packet                       : 0

  ARP       Enter Enqueue                        : 0
            Processed Packet                     : 0
            Dropped Packet                       : 0

  ND        Enter Enqueue                        : 0
            Processed Packet                     : 0
            Dropped Packet                       : 0

  DHCPv6    Enter Enqueue                        : 0
            Processed Packet                     : 0
            Dropped Packet                       : 0

  Sent      Authentication Request               : 0
            Cut Request                          : 0
            Cut Command Ack                      : 0
            Authentication Ack Fail Aff          : 0
            Update Ip                            : 0
            Wlan Eap Authentication Request      : 0
            Wlan Eap Authentication Request Ack  : 0
            Wlan Eap Send Pmk                    : 0
            Wlan Eap Reauthenticate Send Pmk     : 0
            Update User Online Time              : 0

  Received  Authentication Ack                   : 0
            Reauthenticate Command               : 0
            Cut Command                          : 0
            Cut Ack                              : 0
            Sam Nac Ack                          : 0
            Notify Server Up                     : 0
            Wlan Eap Authentication Request      : 0
            Wlan Mac Authentication Request      : 0
            Notify Vlanif Mac Authentication     : 0
Table 13-22  Description of the display dot1x command output

Item

Description

Max users

Maximum number of global online users.

Current users

Number of current online users.

Global default domain is

Global default authentication domain.

Dot1x abnormal-track cache-record-num Number of EAP packets for abnormal 802.1X authentication that can be recorded by the device.

Quiet function is

Whether the quiet function is enabled.

  • Enabled.
  • Disabled.

Parameter set

Settings of 802.1X parameters:
  • Quiet Period: specifies the quiet period set by the quiet timer.
  • Quiet-times: specifies the maximum number of authentication failures before the device quiets a user.
  • Tx Period: specifies the interval for sending authentication requests.

Dot1x URL

Redirect-to URL for HTTP access of 802.1X users.

interface status

Interface status:
  • UP: The interface is enabled.
  • DOWN: The interface is shut down.

802.1x protocol is

Whether 802.1X authentication is enabled on the interface.

  • Enabled.
  • Disabled.

Dot1x access profile is

802.1X access profile name.

Authentication mode is

User access mode.

Authentication method is

Authentication mode of 802.1X users.

Reauthentication is

Whether re-authentication is enabled for online 802.1X users.

Dot1x retry times

Maximum number of attempts to send authentication requests to 802.1X users.

Authenticating users

Number of users who are being authenticated.

Current users

Number of online users on the interface.

Authentication Success

Number of successful authentications.

The statistics include statistics on online 802.1X users but not on the users using MAC address bypass authentication.

Failure

Number of failed authentications.

The statistics include statistics on online 802.1X users but not on the users using MAC address bypass authentication.

Enter Enquence

Number of packets entering the queue.

EAPOL Packets

Number of globally EAPOL packets.

  • TX: Number of sent EAPOL packets.
  • RX: Number of received EAPOL packets.

Sent

Statistics of sent packet.

EAPOL Request/Identity Packets

Number of globally EAPOL Request/Identity packets.

EAPOL Request/Challenge Packets

Number of globally EAPOL Request/Challenge packets.

Multicast Trigger Packets

Number of multicast packets that trigger authentication.

EAPOL Success Packets

Number of globally EAPOL Success packets.

EAPOL Failure Packets

Number of globally EAPOL Failure packets.

Received

Statistics of received packet.

EAPOL Start Packets

Number of globally EAPOL Start packets.

EAPOL Logoff Packets

Number of globally EAPOL LogOff packets.

EAPOL Response/Identity Packets

Number of globally EAPOL Response/Identity packets.

EAPOL Response/Challenge Packets

Number of globally EAPOL Response/Challenge packets.

Online user(s) info Online user information:
  • UserId: User ID.
  • MAC/VLAN: MAC address/VLAN ID.
  • AccessTime: Access time.
  • UserName: User name.
  • Total: Total number of online users.
  • printed: Number of displayed online users.
Dropped
Number of discarded EAP packets.
  • EAPOL Access Flow Control: number of packets that are discarded because the user access rate is exceeded.
  • EAPOL Check Sysmac Error: number of packets that are discarded because the device MAC address is incorrect.
  • EAPOL Get Vlan ID Error: number of packets that are discarded because the obtained VLAN ID is incorrect.
  • EAPOL Packet Flow Control: number of packets that are discarded because the packet access rate is exceeded.
  • EAPOL Online User Reach Max: number of packets that are discarded because the number of online users reaches the maximum.
  • EAPOL Static or BlackHole Mac: number of packets that are discarded because the packet MAC address is a static MAC address or blackhole MAC address.
  • EAPOL Get Vlan Mac Error: number of packets that are discarded because the obtained VLAN MAC address is incorrect.
  • EAPOL Temp User Exist: number of packets that are discarded because the temporary user exists.
  • EAPOL no replace dot1x: number of EAP Start packets that are discarded due to 802.1X authentication of successfully authenticated MAC or Portal users.
DHCP DHCP packet statistics.
ARP ARP packet statistics.
ND ND packet statistics.
DHCPv6 DHCPv6 packet statistics.
Processed Packet Number of processed packets.
Dropped Packet Number of discarded packets.
Authentication Request Number of authentication request messages.
Cut Request Number of logout request messages.
Cut Command Ack Number of acknowledgment messages to logout command request messages.
Authentication Ack Fail Aff Number of the user is disconnected after the wireless user authentication fails.
Update Ip Number of IP address update messages.
Wlan Eap Authentication Request Number of EAP authentication request messages initiated by the WLAN module.
Wlan Eap Authentication Request Number of EAP authentication request messages initiated by the WLAN module.
Wlan Eap Authentication Request Ack Number of acknowledgment messages to EAP authentication request messages initiated by the WLAN module.
Wlan Eap Send Pmk Number of PMK messages sent when the WLAN module performs EAP authentication.
Wlan Eap Reauthenticate Send Pmk Number of PMK messages sent when the WLAN module performs EAP re-authentication.
Update User Online Time Number of the user online time is updated.
Authentication Ack Number of authentication acknowledgment messages.
Reauthenticate Command Number of re-authentication messages.
Cut Command Number of logout command request messages.
Cut Ack Number of acknowledgment messages to logout request messages.
Sam Nac Ack Number of EAP messages replied by the SAM module.
Notify Server Up Number of RADIUS server Up messages.
Wlan Mac Authentication Request Number of MAC authentication request messages initiated by the WLAN module.
Notify Vlanif Mac Authentication Number of MAC authentication request messages of a VLANIF interface.
Translation
Download
Updated: 2019-07-18

Document ID: EDOC1100064353

Views: 125620

Downloads: 98

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next