restricted-vlan
Configures a specific VLAN as the restricted VLAN for all ports on the device to place the client port when the authentication fails.
Syntax
Command Default
The restricted VLAN is not configured.
Modes
Authentication configuration mode
Usage Guidelines
When an authentication fails, the port can be moved into a configured restricted VLAN instead of blocking the client completely. The port is moved to the configured restricted VLAN only if the authentication failure action is set to place the port in a restricted VLAN using the auth-fail-action command at the global level or using the authentication fail-action command at the interface level. Else, when the authentication fails, the client's MAC address is blocked in the hardware (default action).
The no form of the command disables the restricted VLAN.
Examples
The following example creates a restricted VLAN with VLAN 4.
device(config)# authentication device(config-authen)# restricted-vlan 4
History
Release version | Command history |
---|---|
08.0.20 | This command was introduced. |