Manualshelf

Specifications

ManualsBrandsCisco ManualsDocking StationAccess Registrar 3.5
919293949596979899100
2-37
Catalyst 4500 Se ries S wit ch C is co IO S C om mand R efer ence —Re lease I OS XE 3 .3.0 XO(1 5.1 (1)XO)
OL_28738-01
Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches
authentication violation
authenticatio n violation
Use the authenticat ion viol ation interface configuration command to configure the violation mode:
restrict, shutdown, and replace.
In single-host mode, a security vi olation is triggered when mo re than on e device are d etected on t he data
vlan. In multidomain authentication mode, a security violation is triggered when more than one device
are detected on the data or voice VLAN.
Security violation c annot be trigge red in multiplehost or multiauthentication mode.
authentication violation { restrict | shutdown | replace}
no authentication violation {restrict | shutdown | replace}
Syntax Description
Defaults Shut down the port. If t he restrict keyword is configured, the port does no t sh utdown.
Command Modes Interface configuration
Usage Guidelines When a new host is seen in single or multiple- domain modes, r eplace mode tears down the old session
and authenticates the new host.
Examples This example shows how to configure violation mode shutdown on a switch:
Switch# configure terminal
Switch(config)# authentication violation shutdown
A port is error-disabled when a security vi olation trigge rs on shutdown mode. The following syslog
messages displays:
%AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface <interface name>, new
MAC address <mac-address> is seen.
%PM-4-ERR_DISABLE: security-violation error detected on <interface name>, putting
<interface name> in err-disable state
Related Commands
restrict Generates a syslog error when a violation error occurs .
shutdown Error disables the [virtual] port on which an unexpe cted MAC address
occurs.
replace Replaces the existing host with the new host, instead of errordisabling or
restricting the port.
Command Description
authentication
control -dire ct ion
Configures the port mode as unidirectional or bidirectional.
authentication event Sets the action for specific authentication events.