dot1x single-host-violation
The dot1x single-host-violation Interface Configuration mode command configures the action to
be taken, when a station whose MAC address is not the supplicant MAC address, attempts to
access the interface. Use the no form of this command to return to default.
Syntax
dot1x single-host-violation {forward | discard | discard-shutdown} [trap seconds]
no port dot1x single-host-violation
forward — Forward frames with source addresses not the supplicant address, but do not
•
learn the address.
•
discard — Discard frames with source addresses not the supplicant address.
discard-shutdown — Discard frames with source addresses not the supplicant address.
•
The port is also shutdown.
•
trap seconds — Send SNMP traps, and specifies the minimum time between consecutive
traps. (Range: 1 - 1000000
Default Configuration
Discard frames with source addresses not the supplicant address. No traps.
Command Mode
Interface configuration (Ethernet) mode
User Guidelines
•
The command is relevant when Multiple hosts is disabled and the user has been successfully
authenticated
Examples
The following example uses the forward action to forward frames with source addresses not the
supplicant address.
console(config-if)# dot1x single-host-violation forward trap 100
show dot1x advanced
The show dot1x advanced Privileged EXEC mode command displays 802.1X advanced features for
the Ethernet Switch Module or for the specified interface.
Syntax
show dot1x advanced [ethernet interface]
•
interface — Ethernet interface
356
802.1x Commands
)