dot1x multiple-hosts
The dot1x multiple-hosts interface configuration command allows multiple hosts (clients) on an
802.1x-authorized port where the dot1x port-control interface configuration command is set to
auto. To return to the default setting, use the no form of this command.
Syntax
dot1x multiple-hosts
no dot1x multiple-hosts
Default Configuration
Multiple hosts are disabled.
Command Mode
Interface Configuration (Ethernet) mode
User Guidelines
This command enables the attachment of multiple clients to a single 802.1x-enabled port. In
this mode, only one of the attached hosts must be successfully authorized for all hosts to be
granted network access. If the port becomes unauthorized, all attached clients are denied
access to the network.
If a port joins a port-channel, its state is multiple hosts as long as the port is a member of the
port-channel.
For unauthenticated VLANs, multiple hosts are always enabled.
Examples
The following command allows multiple hosts (clients) on an 802.1x-authorized port:
Console(config-if)# dot1x multiple-hosts
dot1x single-host-violation
The dot1x single-host-violation interface configuration command configures the action to be
taken when a station whose MAC address is not the supplicant MAC address attempts to access
the interface. To return to the default setting, use the no form of this command.
Syntax
dot1x single-host-violation {forward | discard | discard-shutdown} [trap seconds]
no port dot1x single-host-violation
•
forward — Forward frames with source addresses that are not the supplicant address, but
do not learn the address.
•
discard — Discard frames with source addresses that are not the supplicant address.
501
802.1x Commands