Manualshelf

Command Line Reference Guide

ManualsBrandsDell Manualscomputer componentsNetworking S5000
151152153154155156157158159160
Related
Commands
dot1x authentication (Configuration)
dot1x guest-vlan
Configure a guest VLAN for limited access users or for devices that are not 802.1X capable.
S5000
Syntax
dot1x guest-vlan vlan-id
To disable the guest VLAN, use the no dot1x guest-vlan vlan-id command.
Parameters
vlan-id Enter the VLAN Identifier. The range is 1 to 4094.
Defaults Not configured.
Command Modes CONFIGURATION (
conf-if-interface-slot/port
)
Command History
Version 9.0(1.3) Introduced on the S5000.
Usage
Information
1X authentication is enabled when an interface is connected to the switch. If the host fails to
respond within a designated amount of time, the authenticator places the port in the guest
VLAN.
If a device does not respond within 30 seconds, it is assumed that the device is not 802.1X
capable. Therefore, a guest VLAN is allocated to the interface, and authentication for the
device occurs at the next reauthentication interval (dot1x reauthentication).
If the host fails authentication for the designated number of times, the authenticator places the
port in authentication failed VLAN (dot1x auth-fail-vlan).
NOTE: You can create the Layer 3 portion of a guest VLAN and authentication fail VLANs
whether the VLAN is assigned to an interface or not. After an interface is assigned a guest
VLAN (which has an IP address), routing through the guest VLAN is the same as any other
traffic. However, the interface may join/leave a VLAN dynamically.
Related
Commands
dot1x auth-fail-vlan
dot1x reauthentication
dot1x reauth-max
show dot1x interface
155