Dot1x single-host-violation – Allied Telesis AT-S95 CLI (AT-8000GS Series) User Manual

Page 390

Allied Telesis
AT-8000GS Command Line Interface User’s Guide

Syntax

dot1x guest-vlan timeout sec

no dot1x guest-vlan timeout

Parameters
•

sec — Specify the timeout in seconds. (Range: 30 – 180)

Default Configuration

The guest VLAN is applied immediately.

Command Mode

Global Configuration mode.

User Guidelines

This command is relevant if the guest VLAN is enabled on the port. Configuring the timeout adds delay from
enabling 802.1X (or port up) to the time the switch puts the port in the guest VLAN

Example

The following example configures the delay from enabling 802.1X (or port up) to adding the port to the guest VLAN
to 50 seconds.

dot1x single-host-violation

The dot1x single-host-violation Interface Configuration (Ethernet) mode command configures the action to be
taken, when a station whose MAC address is not the supplicant MAC address, attempts to access the interface.
Use the no form of this command to restore defaults.

Syntax

dot1x single-host-violation {forward | discard | discard-shutdown} [ trap seconds ]

no port dot1x single-host-violation

Parameters
•

forward — Forwards frames with source addresses that are not the supplicant address, but does not learn

the source addresses.

•

discard — Discards frames with source addresses that are not the supplicant address.

•

discard-shutdown — Discards frames with source addresses that are not the supplicant address. The port

is also shut down.

•

trap seconds— Indicates that SNMP traps are sent. Specifies the minimum amount of time in seconds

between consecutive traps. (Range: 1- 1000000)

Default Configuration

Frames with source addresses that are not the supplicant address are discarded. No traps are sent.

console# configure

console(config)# dot1x guest-vlan timeout 50