CLI Guide
To delete the authentication failure VLAN, use the no dot1x auth-fail-vlan
vlan-id [max-attempts number] command.
Parameters
vlan-id Enter the VLAN Identifier. The range is from 1 to 4094.
max-attempts
number
(OPTIONAL) Enter the keywords max-attempts then
number of attempts desired before authentication fails. The
range is from 1 to 5. The default is 3.
Defaults 3 attempts
Command Modes CONFIGURATION (conf-if-interface-slot/port)
Command History
This guide is platform-specific. For command information about other platforms,
see the relevant Dell Networking OS Command Line Reference Guide.
Version Description
9.8(2.0) Introduced on the S3100 series.
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000–ON.
9.2(1.0) Introduced on the Z9500.
9.0.2.0 Introduced on the S6000.
8.3.19.0 Introduced on the S4820T.
8.3.7.0 Introduced on the S4810.
7.6.1.0 Introduced on the C-Series, S-Series, and E-Series.
Usage Information
If the host responds to 802.1X with an incorrect login/password, the login fails. The
switch attempts to authenticate again until the maximum attempts configured is
reached. If the authentication fails after all allowed attempts, the interface is moved
to the authentication failed VLAN.
After the authentication VLAN is assigned, the port-state must be toggled to restart
authentication. Authentication occurs at the next re-authentication interval (dot1x
reauthentication
).
Related
Commands
• dot1x port-control — enables port-control on an interface.
• dot1x guest-vlan — configures a guest VLAN for non-dot1x devices.
• show dot1x interface — displays the 802.1X information on an interface.
Security
1581