HP Procurve Switch Troubleshooting Commands

by Stefan Lindblom
on September 4, 2012

Did I really save the last configuration to nvram?

show running-config status

Output:

switch# show running-config status
Running configuration is same as the startup configuration.

To show the running configuration for one or several ports:

show running-config interface [PORT-LIST]

Output:

switch# show running-config interface A1-A2,B4-B5
Running configuration:
interface A1
 untagged vlan 1
 aaa port-access authenticator
 aaa port-access authenticator unauth-vid 2
 exit
interface A2
 untagged vlan 1
 aaa port-access authenticator
 aaa port-access authenticator unauth-vid 2
 exit
interface B4
 untagged vlan 1
 aaa port-access authenticator
 aaa port-access authenticator unauth-vid 2
 exit
interface B5
 untagged vlan 1
 aaa port-access authenticator
 aaa port-access authenticator unauth-vid 2
 exit

Show authenticated (802.1x, radius etc.) users:

show port-access authenticator clients [PORT-LIST] [(detailed)]

Output:

switch# show port-access authenticator clients
Port Access Authenticator Client Status
Port-access authenticator activated [No] : Yes
Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No
Port Client Name           MAC Address   IP Address      Client Status 
---- --------------------- ------------- --------------- --------------------
 A17 user1                 macmac-addr01 n/a             Authenticated 
 A19 user2                 macmac-addr02 n/a             Authenticated 
 C1                        macmac-addr03 n/a             Connecting

If you have dhcp-snooping enabled, you will also be able to see the client’s IP address in the above list.

To see what port a specific mac address is connected to:

show mac-address aa:aa:aa:bb:bb:bb

Output:

switch# show mac-address aa:aa:aa:bb:bb:bb
Status and Counters - Address Table - aaaaaa-bbbbbb
Port   VLAN
------ ----
E21    2

And the other way around – to see what mac address(es) is connected to what port:

show mac-address E21

Output:

switch# show mac-address E21
Status and Counters - Port Address Table - E21
MAC Address    VLANs 
 ------------- ------------
aaaaaa-bbbbbb 2

Disable 802.1x on one or multiple ports:

switch(config)# no aaa port-access authenticator [PORT-LIST]
switch(config)# no aaa port-access authenticator [PORT-LIST] unauth-vid

…where the last line will disable the default unauthenticated vlan.

Categories:

Networking

Tags:

802.1xaaaauthenticationHPprocurveswitchtroubleshooting

Comments are closed