Command Line Interface
4-118
4
dot1x intrusion-action
This command sets the port’s response to a failed authentication, either to block all
traffic, or to assign all traffic for the port to a guest VLAN. Use the no form to reset
the default.
Syntax
dot1x intrusion-action {block-traffic | guest-vlan}
no dot1x intrusion-action
Default
block-traffic
Command Mode
Interface Configuration
Command Usage
For guest VLAN assignment to be successful, the VLAN must be configured
and set as active (“vlan database” on page 4-242) and assigned as the guest
VLAN for the port (“network-access guest-vlan” on page 4-125).
Example
show dot1x
This command shows general port authentication related settings on the switch or a
specific interface.
Syntax
show dot1x [statistics] [interface interface]
• statistics - Displays dot1x status for each port.
• interface
• ethernet unit/port
- unit - Stack unit. (Range: 1)
- port - Port number. (Range: 1-28)
Command Mode
Privileged Exec
Command Usage
This command displays the following information:
• Global 802.1X Parameters – Shows whether or not 802.1X port
authentication is globally enabled on the switch.
• 802.1X Port Summary – Displays the port access control parameters for
each interface, including the following items:
Console(config)#interface eth 1/2
Console(config-if)#dot1x intrusion-action guest-vlan
Console(config-if)#