Dot1x system-auth-control, Dot1x intrusion-action, Dot1x system-auth-control dot1x intrusion-action – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual

Brocade 6910 Ethernet Access Switch Configuration Guide

177

53-1002581-01

802.1X Port Authentication

9

dot1x system-auth-control

This command enables IEEE 802.1X port authentication globally on the switch. Use the no form to
restore the default.

Syntax

[no] dot1x system-auth-control

Default Setting

Disabled

Command Mode

Global Configuration

Example

Console(config)#dot1x system-auth-control

Console(config)#

dot1x intrusion-action

This command sets the port’s response to a failed authentication, either to block all traffic, or to
assign all traffic for the port to a guest VLAN. Use the no form to reset the default.

Syntax

dot1x intrusion-action {block-traffic | guest-vlan}

no dot1x intrusion-action

block-traffic - Blocks traffic on this port.

guest-vlan - Assigns the user to the Guest VLAN.

Default

block-traffic

Command Mode

Interface Configuration

Command Usage

For guest VLAN assignment to be successful, the VLAN must be configured and set as active (see
the

vlan database

command) and assigned as the guest VLAN for the port (see the

network-access

guest-vlan

command).

Example

Console(config)#interface eth 1/2

Console(config-if)#dot1x intrusion-action guest-vlan

Console(config-if)#