10-17-2013 03:11 PM - edited 03-07-2019 04:05 PM
Hello,
A client of mine wants to use private-VLAN ("isolated ports") on interfaces configured as IEEE 802.1X with MAB - but I am running into trouble with the switchport mode private-vlan host command: " Command rejected: Gi1/0/1 is Authentication. Authentication must be disabled before changing port mode enabled port."
Should it be possible to configure, or is there a limitation w/h the MAB feature?
IOS c3750-ipbasek9-mz.150-1.SE.bin
Thanks
Lennart
10-17-2013 06:22 PM
Hi,
try adding this command globally first:
dot1x system-auth-control
and than try
switchport mode private-vlan host
HTH
10-17-2013 11:20 PM
Hi Reza,
The dot1x system-auth-control command is already there - I think it's needed for the IEEE802.1X feature.
I did remove the voice VLAN, but the problem remains.
Best ones,
Lennart
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: