314 802.1x Commands
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Contax
CLI\files\802.1X.fm
DELL CONFIDENTIAL – PRELIMINARY 5/15/12 - FOR PROOF ONLY
after success full authentication filtering is based on the source MAC address
only.
Port security on a port can’t be enabled in single-host mode and in multiple-
sessions mode.
It is recommended to enable reauthentication when working in multiple-
sessions mode in order to detect User Logout for users that hadn’t sent
Logoff.
Example
console(config)# interface gigabitethernet 1/0/1
console(config-if)# dot1x host-mode multi-host
console(config-if)# dot1x host-mode single-host
console(config-if)# dot1x host-mode multi-sessions
dot1x violation-mode
Use the dot1x violation-mode Interface Configuration (Ethernet) mode
command to configure the action to be taken, when a station whose MAC
address is not the supplicant MAC address, attempts to access the interface.
Use the no form of this command to return to default.
Syntax
dot1x violation-mode
{restrict | protect | shutdown}
no dot1x violation-mode
Parameters
•
restrict
—Generates a trap when a station whose MAC address is not the
supplicant MAC address, attempts to access the interface. The minimum
time between the traps is 1 second. Those frames are forwarded but their
source address are not learned.
•
protect
—Discard frames with source addresses not the supplicant address.
•
shutdown
—Discard frames with source addresses not the supplicant
address and shutdown the port
To Next Page
Loading...
Need help?
General