802.1X Commands
Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide
Example
switchxxxxxx#
dot1x unlock client gi11 00:01:12:af:00:56
3.30 dot1x violation-mode
To configure the action to be taken when an unauthorized host on authorized port
in single-host mode attempts to access the interface, use the dot1x
violation-mode command in Interface Configuration mode. To restore the default
configuration, use the no form of this command.
Syntax
dot1x violation-mode {restrict
no dot1x violation-mode
Parameters
•
restrict—Generates a trap when a station, whose MAC address is not the
supplicant MAC address, attempts to access the interface. The minimum
time between the traps is 1 second. Those frames are forwarded but their
source addresses are not learned.
•
protect—Discard frames with source addresses that are not the supplicant
address.
•
shutdown—Discard frames with source addresses that are not the
supplicant address and shutdown the port.
•
seconds
trap
- Send SNMP traps, and specifies the minimum time between
consecutive traps. If seconds = 0 traps are disabled. If the parameter is not
specified, it defaults to 1 second for the restrict mode and 0 for the other
modes.
Default Configuration
Protect
Command Mode
Interface (Ethernet) Configuration mode
|
protect
|
shutdown} [traps
3
seconds
]
112