Chapter 2
Catalyst 2960 Switch Cisco IOS Commands
You can configure the inaccessible authentication bypass feature and the restricted VLAN on an
IEEE 802.1x port. If the switch tries to re-authenticate a critical port in a restricted VLAN and all the
RADIUS servers are unavailable, the switch changes the port state to the critical authentication state,
and it remains in the restricted VLAN.
You can configure the inaccessible bypass feature and port security on the same switch port.
Examples
This example shows how to enable the inaccessible authentication bypass feature on port 21:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface gigabitethernet0/21
Switch(config-if)# dot1x critical
Switch(config-if)# end
Switch(config)# end
Switch#
You can verify your configuration by entering the show dot1x [interface interface-id] privileged EXEC
command.
Related Commands
Command
dot1x critical (global configuration)
show dot1x
OL-8604-03
[interface interface-id]
Description
Configures the parameters for the inaccessible authentication
bypass feature on the switch.
Displays IEEE 802.1x status for the specified port.
Catalyst 2960 Switch Command Reference
dot1x critical (interface configuration)
2-81