Dot1x violation-mode – Dell PowerEdge VRTX User Manual

350

802.1X Commands

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Plasma-ARC

2+3\new_system_mifs_ARC2_latest\802_1X.fm

D E L L C O N F ID E N T IA L – P R E L IM I N A RY 4 / 3 /1 4 - FO R P R O O F O N LY

Example

The following example enables sending traps when a MAC address is

successfully

authorized

by the 802.1X MAC-authentication access control.

console(config)# dot1x traps authentication success mac

dot1x violation-mode

Use the dot1x violation-mode Interface Configuration mode command to

configure the action to be taken when an unauthorized host on authorized

port in single-host mode attempts to access the interface. Use the no form of

this command to return to default.

Syntax

dot1x violation-mode {restrict

|

protect

|

shutdown}

no dot1x violation-mode

Parameters

• restrict—Generates a trap when a station, whose MAC address is not the

supplicant MAC address, attempts to access the interface. The minimum

time between the traps is 1 second. Those frames are forwarded but their

source addresses are not learned.

• protect—Discard frames with source addresses that are not the supplicant

address.

•

shutdown—Discard frames with source addresses that are not the

supplicant address and shutdown the port.

Default Configuration

Protect

Command Mode

Interface (Ethernet) Configuration mode

User Guidelines

The command is relevant only for single-host mode.