Table of Contents
Advertisement
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Contax
after success full authentication filtering is based on the source MAC address
only.
Port security on a port can't be enabled in single-host mode and in multiple-
sessions mode.
It is recommended to enable reauthentication when working in multiple-
sessions mode in order to detect User Logout for users that hadn't sent
Logoff.
Example
console(config)# interface gigabitethernet 1/0/1
console(config-if)# dot1x host-mode multi-host
console(config-if)# dot1x host-mode single-host
console(config-if)# dot1x host-mode multi-sessions
dot1x violation-mode
Use the dot1x violation-mode Interface Configuration (Ethernet) mode
command to configure the action to be taken, when a station whose MAC
address is not the supplicant MAC address, attempts to access the interface.
Use the no form of this command to return to default.
Syntax
dot1x violation-mode
no dot1x violation-mode
Parameters
•
restrict—Generates a trap when a station whose MAC address is not the
supplicant MAC address, attempts to access the interface. The minimum
time between the traps is 1 second. Those frames are forwarded but their
source address are not learned.
•
protect—Discard frames with source addresses not the supplicant address.
•
shutdown—Discard frames with source addresses not the supplicant
address and shutdown the port
D E L L C O N F I D E N T I A L – P R E L I M I N A R Y 5 / 1 5 / 1 2 - F O R P R O O F O N LY
314
802.1x Commands
CLI\files\802.1X.fm
{restrict | protect | shutdown}
Advertisement
Table of Contents
