Reference Guide
1052 | Security
www.dell.com | support.dell.com
Related
Commands
dot1x auth-fail-vlan
c e s z
Configure a authentication failure VLAN for users and devices that fail 802.1X authentication.
Syntax
dot1x auth-fail-vlan vlan-id [max-attempts number]
To delete the authentication failure VLAN, use the no dot1x auth-fail-vlan vlan-id [max-attempts
number] command.
Parameters
Defaults
3 attempts
Command Modes
CONFIGURATION (conf-if-interface-slot/port)
Command History
Usage Information
If the host responds to 802.1X with an incorrect login/password, the login fails. The switch will
attempt to authenticate again until the maximum attempts configured is reached. If the authentication
fails after all allowed attempts, the interface is moved to the authentication failed VLAN.
Once the authentication VLAN is assigned, the port-state must be toggled to restart authentication.
Authentication will occur at the next re-authentication interval (dot1x reauthentication).
Related
Commands
Version 7.6.1.0 Introduced on C-Series and S-Series
Version 7.4.1.0 Introduced on E-Series
dot1x authentication (Configuration) Enable dot1x globally
vlan-id
Enter the VLAN Identifier.
Range: 1 to 4094
max-attempts number (OPTIONAL) Enter the keyword max-attempts followed number of
attempts desired before authentication fails.
Range: 1 to 5
Default: 3
Version 8.3.11.1 Introduced on Z9000
Version 7.6.1.0 Introduced on C-Series, E-Series and S-Series
dot1x port-control Enable port-control on an interface
dot1x guest-vlan Configure a guest VLAN for non-dot1x devices
show dot1x interface Display the 802.1X information on an interface