Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

auth-reject-vlan

vpn interface dot1x auth-reject-vlan—Configure an authentication-reject VLAN to place IEEE 802.1X-enabled clients into if authentication is rejected by the RADIUS server (on vEdge routers only).

vManage Feature Template

For vEdge routers only:

Configuration ► Templates ► VPN Interface Ethernet

Command Hierarchy

vpn vpn-id
  interface interface-name
    dot1x
      auth-reject-vlan vlan-id

Options

VLAN Identifier
vlan-id
Identifier of VLAN into which to place 802.1x-enabled clients if authentication for the clients is rejected by the RADIUS servers.
Range: 1 through 4094

Example

Configure a restricted VLAN:

bridge 40
 name Restricted_VLAN
 vlan 40
 interface ge0/5
  no native-vlan
  no shutdown
 !
!
vpn 0
 interface ge0/5
  dot1x
   auth-reject-vlan 40
  !
  no shutdown
 !
!

Release Information

Command introduced in Viptela Software Release 16.3.​

  • Was this article helpful?