Table of Contents
Advertisement
Authenticator Commands
dot1x intrusion-action
dot1x max-reauth-req
This command sets the port's response to a failed authentication, either to block all
traffic, or to assign all traffic for the port to a guest VLAN. Use the no form to reset
the default.
Syntax
dot1x intrusion-action {block-traffic | guest-vlan}
no dot1x intrusion-action
block-traffic - Blocks traffic on this port.
guest-vlan - Assigns the user to the Guest VLAN.
Default
block-traffic
Command Mode
Interface Configuration
Command Usage
◆
For guest VLAN assignment to be successful, the VLAN must be configured and
set as active (see the
for the port (see the
◆
A port can only be assigned to the guest VLAN in case of failed authentication,
if
switchport mode
Example
Console(config)#interface eth 1/2
Console(config-if)#dot1x intrusion-action guest-vlan
Console(config-if)#
This command sets the maximum number of times that the switch sends an EAP-
request/identity frame to the client before restarting the authentication process.
Use the no form to restore the default.
Syntax
dot1x max-reauth-req count
no dot1x max-reauth-req
count – The maximum number of requests (Range: 1-10)
Default
2
Chapter 7
vlan database
command) and assigned as the guest VLAN
network-access guest-vlan
is set to Hybrid.
– 243 –
| Authentication Commands
802.1X Port Authentication
command).
- Quick Links:
- Connecting to the Switch
Hide quick links:
Advertisement
Table of Contents
