Dot1x single-host-violation – Allied Telesis AT-S94 CLI (AT-8000S Series) User Manual
Page 387
802.1x Commands
Page 386
Example
The following example defines VLAN 2 as a guest VLAN.
dot1x single-host-violation
The dot1x single-host-violation Interface Configuration (Ethernet) mode command configures the action to be
taken, when a station whose MAC address is not the supplicant MAC address, attempts to access the interface.
Use the no form of this command to restore defaults.
Syntax
dot1x single-host-violation {forward | disgard | disgard-shutdown [ trap seconds ]
no port dot1x single-host-violation
Parameters
•
forward — Forwards frames with source addresses that are not the supplicant address, but does not learn
the source addresses.
•
discard — Discards frames with source addresses that are not the supplicant address.
•
discard-shutdown — Discards frames with source addresses that are not the supplicant address. The port
is also shut down.
•
trap seconds— Indicates that SNMP traps are sent. Specifies the minimum amount of time in seconds
between consecutive traps. (Range: 1- 1000000
)
Default Configuration
Frames with source addresses that are not the supplicant address are discarded.
No traps are sent.
Command Mode
Interface Configuration (Ethernet) mode
User Guidelines
The command is relevant when multiple hosts is disabled and the user has been successfully authenticated.
console#
console# configure
console(config)# vlan database
console(config-vlan)# vlan 2
console(config-vlan)# exit
console(config)# interface vlan 2
console(config-if)# dot1x guest-vlan