Service Manual
If the host fails authentication for the designated number of times, the authenticator places the port in
authentication failed VLAN (dot1x auth-fail-vlan).
NOTE: The layer 3 portion of guest VLAN and authentication fail VLANs can be created regardless if
the VLAN is assigned to an interface or not. After an interface is assigned a guest VLAN (which has an
IP address), routing through the guest VLAN is the same as any other trac. However, the interface
may join/leave a VLAN dynamically.
Related Commands
• dot1x auth-fail-vlan — congures a VLAN for authentication failures.
• dot1x reauthentication — enables periodic re-authentication.
• show dot1x interface — displays the 802.1X information on an interface.
dot1x mac-auth-bypass
Enable MAC authentication bypass. If 802.1X times out because the host did not respond to the Identity Request frame, Dell Networking
OS attempts to authenticate the host based on its MAC address.
Syntax
[no] dot1x mac-auth-bypass
Defaults Disabled
Command Modes INTERFACE
Command History
This guide is platform-specic. For command information about other platforms, see the relevant Dell Networking
OS Command Line Reference Guide.
Version Description
9.8(1.0) Introduced on the Z9100-ON.
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000–ON.
9.2(1.0) Introduced on the Z9500.
9.0.2.0 Introduced on the S6000.
8.3.19.0 Introduced on the S4820T.
8.3.11.4 Introduced on the Z9000.
8.3.7.0 Introduced on the S4810.
8.4.1.0 Introduced on the C-Series and S-Series.
Usage Information To disable MAC authentication bypass on a port, enter the no dot1x mac-auth-bypass command.
dot1x max-eap-req
Congure the maximum number of times an extensive authentication protocol (EAP) request is transmitted before the session times out.
Syntax
dot1x max-eap-req number
To return to the default, use the no dot1x max-eap-req command.
1424 Security