Dot1x system-auth- control, Authenticator commands, Dot1x intrusion- action – LevelOne GTL-2691 User Manual

C

HAPTER

28

| Authentication Commands

802.1X Port Authentication

– 901 –

dot1x system-auth-

control

This command enables IEEE 802.1X port authentication globally on the

switch. Use the no form to restore the default.

S

YNTAX

[no] dot1x system-auth-control

D

EFAULT

S

ETTING

Disabled

C

OMMAND

M

ODE

Global Configuration

E

XAMPLE

Console(config)#dot1x system-auth-control

Console(config)#

Authenticator Commands

dot1x intrusion-

action

This command sets the port’s response to a failed authentication, either to

block all traffic, or to assign all traffic for the port to a guest VLAN. Use the

no form to reset the default.

S

YNTAX

dot1x intrusion-action {block-traffic | guest-vlan}
no dot1x intrusion-action

block-traffic - Blocks traffic on this port.
guest-vlan - Assigns the user to the Guest VLAN.

D

EFAULT

block-traffic

C

OMMAND

M

ODE

Interface Configuration

C

OMMAND

U

SAGE

For guest VLAN assignment to be successful, the VLAN must be configured

and set as active (see the

vlan database

command) and assigned as the

guest VLAN for the port (see the

network-access guest-vlan

command).

E

XAMPLE

Console(config)#interface eth 1/2

Console(config-if)#dot1x intrusion-action guest-vlan

Console(config-if)#