Table of Contents
Advertisement
802. 1 x Commands
78-20269-01 Command Line Interface Reference Guide
•
multi-sessions—Enable multiple-sessions mode.
Default Configuration
Default mode is multi-host.
Command Mode
Interface Configuration (Ethernet) mode
User Guidelines
In multiple hosts mode only one of the attached hosts must be successfully
authorized for all hosts to be granted network access. If the port becomes
unauthorized, all attached clients are denied access to the network.
In multiple sessions mode each host must be successfully authorized in order to
grant network access. Please note that packets are NOT encrypted, and after
success full authentication filtering is based on the source MAC address only.
Port security on a port cannot be enabled in single-host mode and in
multiple-sessions mode.
It is recommended to enable reauthentication when working in multiple-sessions
mode in order to detect User Logout for users that hadn't sent Logoff.
Example
console(config)# interface gi1
console(config-if)# dot1x host-mode multi-host
console(config-if)# dot1x host-mode single-host
console(config-if)# dot1x host-mode multi-sessions
20.16 dot1x violation-mode
Use the dot1x violation-mode Interface Configuration (Ethernet) mode command to
configure the action to be taken, when a station whose MAC address is not the
supplicant MAC address, attempts to access the interface. Use the no form of this
command to return to default.
Syntax
dot1x violation-mode
no dot1x violation-mode
{restrict | protect | shutdown}
seconds
[traps
]
20
267
Advertisement
Table of Contents
