Dot1x single-host-violation – Allied Telesis AT-S95 CLI User Manual

Page 380

Allied Telesis
AT-S95 Management Software CLI User’s Guide

Example

The following example defines VLAN 2 as a guest VLAN.

dot1x single-host-violation

The dot1x single-host-violation Interface Configuration (Ethernet) mode command configures the action to be
taken, when a station whose MAC address is not the supplicant MAC address, attempts to access the interface.
Use the no form of this command to restore defaults.

Syntax

dot1x single-host-violation {forward | discard | discard-shutdown [trap seconds]

no port dot1x single-host-violation

Parameters
•

forward — Forwards frames with source addresses that are not the supplicant address, but does not learn
the source addresses.

•

discard — Discards frames with source addresses that are not the supplicant address.

•

discard-shutdown — Discards frames with source addresses that are not the supplicant address. The port
is also shut down.

•

trap seconds— Indicates that SNMP traps are sent. Specifies the minimum amount of time in seconds
between consecutive traps. (Range: 1- 1000000

)

Default Configuration

Frames with source addresses that are not the supplicant address are discarded.

No traps are sent.

Command Mode

Interface Configuration (Ethernet) mode

User Guidelines

The command is relevant when multiple hosts is disabled and the user has been successfully authenticated.

console#
console# configure
console(config)# vlan database
console(config-vlan)# vlan 2
console(config-vlan)# exit
console(config)# interface vlan 2
console(config-if)# dot1x guest-vlan