07-07-2018 02:35 PM - edited 03-08-2019 03:36 PM
Hello, I currently have all my ports configured with 802.1x and 'authentication violation restrict'.
I understand this will only allow one PC and one phone to connect. My question is - within what time period does that rule work, i.e. we often have users move computers between ports and there are never any errors, however occasionally when someone swaps out a phone we do get the error:
'15749: Jul 7 02:19:38.884: %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet2/0/10, new MAC address (8cec.4b23.3815) is seen.AuditSessionID Unassigned'
Does this command rule 'authentication violation restrict' only generate an error if a third MAC/device is seen on the port within a set amount of time?
So, would I be better to use the command 'authentication violation replace' rather than 'authentication violation restrict', as I don't care if users move devices between switch ports - I only care that they are restricted to one phone and one PC.
interface GigabitEthernet2/0/20
 switchport access vlan 11
 switchport mode access
 switchport voice vlan 111
 ip flow monitor NETFLOW-TRAFFIC input
 authentication event fail action next-method
 authentication event server dead action authorize vlan 11
 authentication event server dead action authorize voice
 authentication host-mode multi-domain
 authentication order mab dot1x
 authentication priority dot1x mab
 authentication port-control auto
 authentication violation restrict
 mab
 dot1x pae authenticator
 dot1x timeout tx-period 10
 spanning-tree portfast
 service-policy input Marking
07-07-2018 03:15 PM