beautypg.com

Dot1x single-host-violation – Allied Telesis AT-S94 CLI (AT-8000S Series) User Manual

Page 387

background image

802.1x Commands

Page 386

Example

The following example defines VLAN 2 as a guest VLAN.

dot1x single-host-violation

The dot1x single-host-violation Interface Configuration (Ethernet) mode command configures the action to be
taken, when a station whose MAC address is not the supplicant MAC address, attempts to access the interface.
Use the no form of this command to restore defaults.

Syntax

dot1x single-host-violation {forward | disgard | disgard-shutdown [ trap seconds ]

no port dot1x single-host-violation

Parameters

forward — Forwards frames with source addresses that are not the supplicant address, but does not learn
the source addresses.

discard — Discards frames with source addresses that are not the supplicant address.

discard-shutdown — Discards frames with source addresses that are not the supplicant address. The port
is also shut down.

trap seconds— Indicates that SNMP traps are sent. Specifies the minimum amount of time in seconds
between consecutive traps. (Range: 1- 1000000

)

Default Configuration

Frames with source addresses that are not the supplicant address are discarded.

No traps are sent.

Command Mode

Interface Configuration (Ethernet) mode

User Guidelines

The command is relevant when multiple hosts is disabled and the user has been successfully authenticated.

console#

console# configure

console(config)# vlan database

console(config-vlan)# vlan 2

console(config-vlan)# exit

console(config)# interface vlan 2

console(config-if)# dot1x guest-vlan