Cisco Catalyst 2960-XR Security Configuration Manual page 271

Configuring IEEE 802.1x Port-Based Authentication
• You can re-enable individual VLANs by using the clear errdisable interface interface-id vlan [vlan-list]
Beginning in privileged EXEC mode, follow these steps to enable voice aware 802.1x security:
SUMMARY STEPS
1. configure terminal
2. errdisable detect cause security-violation shutdown vlan
3. errdisable recovery cause security-violation
4. clear errdisable interface interface-id vlan [vlan-list]
5. Enter the following:
6. end
DETAILED STEPS
Command or Action
Step 1 configure terminal
Example:
Switch# configure terminal
Step 2 errdisable detect cause security-violation shutdown
vlan
Example:
Switch(config)# errdisable detect cause
security-violation shutdown vlan
Step 3 errdisable recovery cause security-violation
Example:
Switch(config)# errdisable recovery cause
security-violation
Step 4 clear errdisable interface interface-id vlan [vlan-list]
Example:
Switch(config)# clear errdisable interface
GigabitEthernet4/0/2 vlan
OL-29434-01
privileged EXEC command. If you do not specify a range, all VLANs on the port are enabled.
• shutdown
• no shutdown
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
Configuring Voice Aware 802.1x Security
Purpose
Enters the global configuration mode.
Shuts down any VLAN on which a security violation error
occurs.
Note If the shutdown vlan keywords are not included,
the entire port enters the error-disabled state and
shuts down.
(Optional) Enables automatic per-VLAN error recovery.
(Optional) Reenables individual VLANs that have been error
disabled.
• For interface-id, specify the port on which to reenable
individual VLANs.
249