CLI Guide

Table Of Contents
Security Commands 954
console(config-if-Gi1/0/1)# no authentication timer restart
authentication violation
This command configures the actions to take when more than the AAA-
configured number of hosts attempts to authenticate on an interface. Use the
no form of the command to set the interface configuration to the default.
Syntax
authentication violation { protect | restrict | shutdown }
no authentication violation
protect—Drop incoming packets from the offending host.
restrict—Generate a log when a violation occurs.
shutdown—Error disable the interface.
Default Configuration
The default violation mode is restrict.
Command Mode
Interface (Ethernet) Configuration mode
User Guidelines
This command should not be confused with the port security capability.
These actions occur solely within the authentication framework.
Command History
Syntax added in version 6.6 firmware.
Example
The following example configures an interface error disable when a second
data user attempts to authenticate.
console(config-vlan100)#interface gi1/0/1
console(config-if-Gi1/0/1)#authentication port-control auto
console(config-if-Gi1/0/1)#authentication host-mode single-host
console(config-if-Gi1/0/1)#authentication violation shutdown