802.1x Commands
400 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
User Guidelines
This command enables the attachment of multiple clients to a single 802.1x-enabled port.
In this mode, only one of the attached hosts must be successfully authorized for all hosts
to be granted network access. If the port becomes unauthorized, all attached clients are
denied access to the network.
For unauthenticated VLANs, multiple hosts are always enabled.
Multiple-hosts must be enabled to enable port security on the port.
Example
The following command enables multiple hosts (clients) on an 802.1x-authorized port.
dot1x single-host-violation
The dot1x single-host-violation Interface Configuration mode command configures the
action to be taken, when a station whose MAC address is not the supplicant MAC address,
attempts to access the interface. Use the
no form of this command to return to default.
Syntax
dot1x single-host-violation {forward | discard | discard-shutdown} [trap seconds]
no port dot1x single-host-violation
Parameters
• forward — Forwards frames with source addresses that are not the supplicant
address, but does not learn the source addresses.
• discard — Discards frames with source addresses that are not the supplicant address.
• discard-shutdown — Discards frames with source addresses that are not the
supplicant address. The port is also shut down.
• trap — Indicates that SNMP traps are sent.
• seconds — Specifies the minimum amount of time in seconds between consecutive
traps. (Range: 1-
1000000)
Default Configuration
Frames with source addresses that are not the supplicant address are discarded.
Console(config-if)# dot1x multiple-hosts