EasyManua.ls Logo

Cisco Catalyst 2960-X - Configuring 802.1 X Violation Modes

Cisco Catalyst 2960-X
498 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
PurposeCommand or Action
(Optional) Re-enable an error-disabled VLAN, and clear all
error-disable indications.
Enter the following:
Step 5
shutdown
no shutdown
Return to privileged EXEC mode.end
Step 6
Verify your entries.show errdisable detect
Step 7
This example shows how to configure the switch to shut down any VLAN on which a security violation error
occurs:
Switch(config)# errdisable detect cause security-violation shutdown vlan
This example shows how to re-enable all VLANs that were error disabled on port Gigabit Ethernet 40/2.
Switch# clear errdisable interface gigabitethernet4/0/2
vlan
You can verify your settings by entering the show errdisable detect privileged EXEC command.
Related Topics
Voice Aware 802.1x Security, on page 295
Configuring 802.1x Violation Modes
You can configure an 802.1x port so that it shuts down, generates a syslog error, or discards packets from a
new device when:
a device connects to an 802.1x-enabled port
the maximum number of allowed about devices have been authenticated on the port
Beginning in privileged EXEC mode, follow these steps to configure the security violation actions on the
switch:
SUMMARY STEPS
1.
configure terminal
2.
aaa new-model
3.
aaa authentication dot1x {default} method1
4.
interface interface-id
5.
switchport mode access
6.
authentication violation {shutdown | restrict | protect | replace}
7.
end
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
304 OL-29048-01
Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Violation Modes

Table of Contents

Other manuals for Cisco Catalyst 2960-X

Related product manuals