authentication violation
To configure the violation modes that occur when a new device connects to a port or when a new device
connects to a port after the maximum number of devices is connected to that port, use the authentication
violation command in interface configuration mode.
authentication violation { protect | replace | restrict | shutdown }
no authentication violation { protect | replace | restrict | shutdown }
Syntax Description
protect     Drops unexpected incoming MAC addresses. No syslog errors are generated.
replace     Removes the current session and initiates authentication with the new host.
restrict    Generates a syslog error when a violation error occurs.
shutdown    Error-disables the port or the virtual port on which an unexpected MAC address occurs.
Command Default
Authentication violation shutdown mode is enabled.
Command Modes
Interface configuration
Command History
Release               Modification
Cisco IOS XE 3.3SE    This command was introduced.
Usage Guidelines
Use the authentication violation command to specify the action to be taken when a security violation occurs
on a port.
Examples
This example shows how to configure an IEEE 802.1x-enabled port to become error-disabled and shut down when
a new device connects to it:
Device(config-if)# authentication violation shutdown
This example shows how to configure an 802.1x-enabled port to generate a system error message and to
change the port to restricted mode when a new device connects to it:
Device(config-if)# authentication violation restrict
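The following audit script is an added example, not part of the Cisco reference. It reads a saved running-config, reports the effective violation mode on each port, and lists ports in protect mode, where violations are dropped without a syslog message. Assumptions: ports are selected by the presence of an authentication port-control line, a port with no authentication violation line uses the default (shutdown), and the sample configuration is constructed.

```python
import re

MODES = {"protect", "replace", "restrict", "shutdown"}
DEFAULT_MODE = "shutdown"  # Command Default stated in this reference page

# Constructed sample running-config excerpt (interface names are made up).
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 switchport mode access
 authentication port-control auto
 authentication violation protect
!
interface GigabitEthernet1/0/2
 authentication port-control auto
!
interface GigabitEthernet1/0/3
 authentication port-control auto
 authentication violation restrict
!
interface GigabitEthernet1/0/4
 switchport mode trunk
!
"""

def effective_violation_modes(config_text):
    """Return {interface: violation mode} for ports with port-control set."""
    result = {}
    for block in re.split(r"(?m)^interface\s+", config_text)[1:]:
        lines = block.splitlines()
        body = []
        for line in lines[1:]:
            if not line.startswith(" "):  # "!" or next section ends the block
                break
            body.append(line.strip())
        # Assumption: only ports with port-control configured are of interest.
        if not any(l.startswith("authentication port-control") for l in body):
            continue
        mode = DEFAULT_MODE  # assumed absent from the config when unchanged
        for line in body:
            m = re.fullmatch(r"authentication violation (\S+)", line)
            if m and m.group(1) in MODES:
                mode = m.group(1)
        result[lines[0].strip()] = mode
    return result

def silent_ports(modes):
    """Ports in protect mode: violations are dropped with no syslog error."""
    return sorted(port for port, mode in modes.items() if mode == "protect")

if __name__ == "__main__":
    print(effective_violation_modes(SAMPLE_CONFIG))
```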
Command Reference, Cisco IOS XE Everest 16.5.1a (Catalyst 3650 Switches)