Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1173
Views
0
Helpful
2
Replies

Private-VLAN and IEEE 802.1X/MAB

walfors
Level 1
Level 1

‎10-17-2013 03:11 PM - edited ‎03-07-2019 04:05 PM

Hello,

A client of mine wants to use private-VLAN ("isolated ports") on interfaces configured as IEEE 802.1X with MAB  - but I am running into trouble with the switchport mode private-vlan host command: " Command rejected: Gi1/0/1 is Authentication. Authentication must be disabled before changing port mode enabled port."

Should it be possible to configure, or is there a limitation w/h the MAB feature?

IOS c3750-ipbasek9-mz.150-1.SE.bin

Thanks

Lennart

Labels:
0 Helpful
2 Replies 2

Reza Sharifi
Hall of Fame
Hall of Fame

‎10-17-2013 06:22 PM

Hi,

try adding this command globally first:

dot1x system-auth-control

and than try 

switchport mode private-vlan host

HTH

0 Helpful

walfors
Level 1
Level 1
In response to Reza Sharifi

‎10-17-2013 11:20 PM

Hi Reza,

The dot1x system-auth-control command is already there - I think it's needed for the IEEE802.1X feature.

I did remove the voice VLAN, but the problem remains.

Best ones,

Lennart

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card