Reference Guide
192 | 802.1X
www.dell.com | support.dell.com
dot1x authentication (Interface)
c e s
Enable dot1x on an interface; dot1x must be enabled both globally and at the interface level.
Syntax
dot1x authentication
To disable dot1x on an interface, use the no dot1x authentication command.
Defaults
Disabled
Command Modes
INTERFACE
Command
History
Related
Commands
dot1x auth-fail-vlan
c e s
Configure a authentication failure VLAN for users and devices that fail 802.1X authentication.
Syntax
dot1x auth-fail-vlan vlan-id [max-attempts number]
To delete the authentication failure VLAN, use the no dot1x auth-fail-vlan vlan-id
[max-attempts number] command.
Parameters
Defaults
3 attempts
Command Modes
CONFIGURATION (conf-if-interface-slot/port)
Command
History
Usage
Information
If the host responds to 802.1X with an incorrect login/password, the login fails. The switch will
attempt to authenticate again until the maximum attempts configured is reached. If the authentication
fails after all allowed attempts, the interface is moved to the authentication failed VLAN.
Once the authentication VLAN is assigned, the port-state must be toggled to restart authentication.
Authentication will occur at the next re-authentication interval (dot1x reauthentication).
Related
Commands
Version 7.6.1.0 Introduced on C-Series and S-Series
Version 7.4.1.0 Introduced on E-Series
dot1x authentication (Configuration)
vlan-id
Enter the VLAN Identifier.
Range: 1 to 4094
max-attempts number (OPTIONAL) Enter the keyword max-attempts followed number of
attempts desired before authentication fails.
Range: 1 to 5
Default: 3
Version 7.6.1.0 Introduced on C-Series, E-Series and S-Series
dot1x port-control
dot1x guest-vlan
show dot1x interface