Dot1X Critical Vlan - Cisco Catalyst 4500 Series Command Reference Manual

dot1x critical vlan

dot1x critical vlan
To assign a critically authenticated port to a specific VLAN, use the dot1x critical vlan command. To
return to the default setting, use the no form of this command.
Syntax Description
vlan-id
Defaults Critical authentication is disabled on a ports VLAN.
Command Modes
Interface configuration mode
Command History Release
12.2(31)SG
Usage Guidelines The type of VLAN specified must match the type of the port. If the port is an access port, the VLAN
must be a regular VLAN. If the port is a private-VLAN host port, the VLAN must be the secondary
VLAN of a valid private-VLAN domain. If the port is a routed port, no VLAN may be specified.
This command is not supported on platforms such as Layer 3 switches that do not include the Critical
Auth VLAN subsystem.
Examples
This example shows how to enable 802.1x critical authentication on a ports VLAN:
Switch(config-if)# dot1x critical vlan 350
Switch(config-if)#
Related Commands Command
dot1x critical
dot1x critical eapol
dot1x critical recovery delay
show dot1x
Catalyst 4500 Series Switch Cisco IOS Command Reference—Release IOS XE 3.3.0SG and IOS 15.1(1)SG)
2-204
dot1x critical vlan vlan-id
no dot1x critical vlan-id
(Optional) Specifies the VLANs; valid values are from 1 to 4094.
Modification
Support for this command was introduced on the Catalyst 4500 series switch.
Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches
Description
Enables the 802.1X critical authentication on a port.
Enables sending EAPOL success packets when a port is
critically authorized partway through an EAP exchange.
Sets the time interval between port reinitializations.
Displays dot1x information.
OL-25342 -01